99 matches found
EUVD-2026-17067
A Privilege Dropping / Lowering Errors / Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter before...
CVE-2026-25704
A Privilege Dropping / Lowering Errors / Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in cosmic-greeter can allow an attacker to regain privileges that should have been dropped and abuse them in the racy checking logic. This issue affects cosmic-greeter before...
PT-2026-28805
Name of the Vulnerable Software and Affected Versions: cosmic-greeter versions prior to https://github.com/pop-os/cosmic-greeter/pull/426. Description: A Time-of-check Time-of-use (TOCTOU) race condition exists in cosmic-greeter. This condition can allow an attacker to regain privileges that should ha...
CVE-2026-21882
theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.2.0, improper privilege dropping allows local privilege escalation via command re-execution. This issue has been patched in version 0.2.0...
CVE-2026-21882
CVE-2026-21882 affects theshit, a command-line utility that detects and fixes shell command mistakes. In versions prior to 0.2.0, improper privilege dropping enables local privilege escalation via command re-execution. The issue is demonstrated as a local attack with high impact on confidentialit...
CVE-2026-21882 theshit's Improper Privilege Dropping Allows Local Privilege Escalation via Command Re-execution
theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.2.0, improper privilege dropping allows local privilege escalation via command re-execution. This issue has been patched in version 0.2.0...
PT-2026-22690
Name of the Vulnerable Software and Affected Versions: theshit versions prior to 0.2.0. Description: theshit is a command-line utility designed to detect and correct common errors in shell commands. A flaw in privilege handling prior to version 0.2.0 allows for local privilege escalation through...
MiracleLinux 7 : zsh-5.0.2-34.el7.2 (AXSA:2020-4510:02)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-4510:02 advisory. zsh: insecure dropping of privileges when unsetting PRIVILEGED option (CVE-2019-20044). Tenable has extracted the preceding description block directly from the...
CLSA-2025-1761673667 Fix CVE(s): CVE-2019-20044
SECURITY UPDATE: insecure privilege dropping vulnerability - debian/patches/CVE-2019-20044-.patch: improve error handling in setopt command, add OpenSSH-based setresuid/setresgid wrappers, simplify and secure privilege dropping logic, add comprehensive tests for PRIVILEGED option - CVE-2019-20044...
EUVD-2011-3314
Malware in sbrugna...
EUVD-2010-3428
Malware in sbrugna...
EUVD-2010-3429
Malware in sbrugna...
EUVD-2021-9472
Malicious code in bioql PyPI...
CVE-2021-22326
A component of the HarmonyOS has a Privilege Dropping / Lowering Errors vulnerability. Local attackers may exploit this vulnerability to obtain Kernel space read/write capability...
CVE-2011-3350
masqmail 0.2.21 through 0.2.30 improperly calls seteuid in src/log.c and src/masqmail.c that results in improper privilege dropping...
[SECURITY] [DSA 5896-1] trafficserver security update
Debian Security Advisory DSA-5896-1, https://www.debian.org/security/, Moritz Muehlenhoff, April 05, 2025, https://www.debian.org/security/faq -...
RHEL 4 : krb5 (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - krb5, krb5-appl: ftpd incorrect group privilege dropping (MITKRB5-SA-2011-005) (CVE-2011-1526) - krb5: SPNEGO...
USN-6656-2: PostgreSQL vulnerability
USN-6656-1 fixed several vulnerabilities in PostgreSQL. This update provides the corresponding updates for Ubuntu 16.04 LTS. Original advisory details: It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user...
Ubuntu: Security Advisory (USN-6656-1)
The remote host is missing an update for the... (SPDX-FileCopyrightText: 2024 Greenbone AG; SPDX-License-Identifier: GPL-2.0-only)