33 matches found
CVE-2022-40297
UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated...
CVE-2022-40297
UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated...
PT-2022-25333 · Ubports · Ubports Ubuntu Touch
Name of the Vulnerable Software and Affected Versions: UBports Ubuntu Touch version 16.04 Description: The issue allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, which is far below the typical length and complexity for a user account...
CVE-2021-41016
A improper neutralization of special elements used in a command 'command injection' in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters...
CVE-2021-41016
A improper neutralization of special elements used in a command 'command injection' in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters...
Command injection
A improper neutralization of special elements used in a command 'command injection' in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters...
CVE-2021-41016
A improper neutralization of special elements used in a command 'command injection' in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters...
Motorola MM1000 操作系统命令注入漏洞
The Motorola MM1000 is a network adapter from Motorola USA. A security vulnerability exists in the Motorola MM1000 that could allow privileged shell access and/or arbitrary privileged command execution on the adapter...
CVE-2021-26089
An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged user to execute arbitrary privileged shell commands during installation phase...
CVE-2021-26089
An improper symlink following in FortiClient for Mac 6.4.3 and below may allow an non-privileged user to execute arbitrary privileged shell commands during installation phase...
Samsung - seiren Kernel Driver Buffer Overflow
Samsung - seiren Kernel Driver Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=491 The Exynos Seiren Audio driver has a device endpoint /dev/seiren that is accessible by either the system user or the audio group such as the mediaserver. It was found tha...
CVE-1999-1585
The 1 rcS and 2 mountall programs in Sun Solaris 2.x, possibly before 2.4, start a privileged shell on the system console if fsck fails while the system is booting, which allows attackers with physical access to gain root privileges...
tcpwrapper-backdoor.txt
Date: Thu, 21 Jan 1999 11:38:17 -0500 From: Wietse Venema To: [email protected] Subject: backdoored tcp wrapper source code TCP Wrappers is a widely-used security tool to protect UNIX systems against intrusion. In has an estimated installed base of millions. Today someone replaced the tcp...