Huawei EulerOS: Security Advisory for cloud-init (EulerOS-SA-2025-2380)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EUVD-2023-42853

Malicious code in bioql PyPI...

EUVD-2023-28212

Malicious code in bioql PyPI...

CVE-2025-8647

Kenwood DMX958XR Firmware Update Command Injection Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of Kenwood DMX958XR devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within t...

CBL Mariner 2.0 Security Update: sudo (CVE-2025-32463)

The version of sudo installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-32463 advisory. - Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user- controll...

CVE-2020-29575

The official elixir Docker images before 1.8.0-alpine Alpine specific contain a blank password for a root user. Systems using the elixir Linux Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank password...

CVE-2024-54188

Infoblox NETMRI before 7.6.1 has a vulnerability allowing remote authenticated users to read arbitrary files with root access...

CVE-1999-0813

Cfingerd with ALLOWEXECUTION enabled does not properly drop privileges when it executes a program on behalf of the user, allowing local users to gain root privileges...

Security Bulletin: IBM Cloud Kubernetes Service is affected by a containerd security vulnerability (CVE-2024-40635)

Summary IBM Cloud Kubernetes Service is affected by a security vulnerability found in containerd where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as root UID 0. This could cause...

Ubuntu: Security Advisory (USN-7374-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7374-1: containerd vulnerability

Benjamin Koltermann discovered that containerd incorrectly handled large user id values. This could result in containers possibly being run as root, contrary to expectations...

WAVLINK WN701AE Hardcoded Vulnerability

WAVLINK WN701AE is a router developed by China RuiYin Technology WAVLINK. The WAVLINK WN701AE suffers from a hard-coded vulnerability that can be exploited by an attacker to submit a special request to access the system as root...

CVE-2017-18509

An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inetcsklistenstop general protection fault, or potentially execute arbitrary code under certain circumstances. The issue...

CVE-2004-1764

Buffer overflow in CDE libDtSvc on HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows local users to gain root privileges via unknown vectors...

CVE-2002-1250

Buffer overflow in Abuse 2.00 and earlier allows local users to gain root privileges via a long -net command line argument...

sudo upgrade fixes a potential vulnerability

New sudo packages are available to fix a security problem which may allow users to become root, or to execute arbitrary code as root. Here's the information from the Slackware 8.0 ChangeLog: ---------------------------- Thu Apr 25 12:00:50 PDT 2002 patches/packages/sudo.tgz: Upgraded to sudo-1.6....

Дырка в Sawmill

Специальным образом сконструированный GET-запрос позволяет прочитать первую строчку любого файла, причем приложение запускается от root...

Sun Workshop 5.0 - Licensing Manager Symlink

source: https://www.securityfocus.com/bid/998/info A vulnerability exists in the installation of licenses for Sun's WorkShop 5.0 compilers, and other Sun products which use the FlexLM license management system. As part of the installation process, the 'lit' program is run. This program insecurely...