Exploit for CVE-2026-31431

CopyFail: CVE-2026-31431 Python implementation of copy.fail...

CVE-2026-29123 Multiple SUID Root Binaries in `xd` User Home Directory Leading to Potential Local Privilege Escalation

A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting IDC SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symli...

CVE-2026-29123 Multiple SUID Root Binaries in `xd` User Home Directory Leading to Potential Local Privilege Escalation

A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting IDC SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symli...

EUVD-2019-14054

Malware in sbrugna...

EUVD-2022-40317

Malicious code in bioql PyPI...

Huawei EulerOS: Security Advisory for libguestfs-winsupport (EulerOS-SA-2019-2253)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Buffer Overflows And Privilege Escalation

libguestfs-winsupport is vulnerable to heap-based buffer overflow. An attacker can run /bin/ntfs-3g with a malicious file, even causing local access escalation attack if the /bin/ntfs-3g is a setuid-root binary...

CVE-2016-10729

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root...

SUSE SLES11 Security Update : kernel (SUSE-SU-2018:2907-1)

The SUSE Linux Enterprise 11 SP3 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2018-14634: Prevent integer overflow in createelftables that allowed a local attacker to exploit this vulnerability via a SUID-root binary and obtain full roo...

Local-Privilege Escalation Flaw in Linux Kernel Allows Root Access

A local-privilege escalation vulnerability in the Linux kernel affects all current versions of Red Hat Enterprise Linux and CentOS, even in their default/minimal installations. It would allow an attacker to obtain full administrator privileges over the targeted system, and from there potentially...

MGASA-2017-0171 Updated smb4k packages fix security vulnerability

Smb4k contains a logic flaw in which mount helper binary does not properly verify the mount command it is being asked to run. This allows calling any other binary as root since the mount helper is typically installed as suid CVE-2017-8849...

Apple Mac OSX / iOS - SUID Binary Logic Error Kernel Code Execution

Exploit for multiple platform in category local exploits Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=676 tl;dr The code responsible for loading a suid-binary following a call to the execve syscall invalidates the task port after first swapping the new vmmap into the old task...

kernel: race condition between chown() and execve()

A race condition flaw was found between the chown and execve system calls. When changing the owner of a setuid user binary to root, the race condition could momentarily make the binary setuid root. A local, unprivileged user could potentially use this flaw to escalate their privileges on the syst...

Apple Mac OSX Install.Framework - SUID Root Runner Binary Privilege Escalation

Source: https://code.google.com/p/google-security-research/issues/detail?id=478 The Install.framework runner suid root binary does not correctly account for the fact that Distributed Objects can be connected to by multiple clients at the same time. By connecting two proxy objects to an...

Sun Cobalt RaQ 4.0 Predictable Temporary Filename Symbolic Link Attack Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/5529/info A vulnerability has been reported in Cobalt RaQ that may allow attackers to obtain elevated privileges. The vulnerability exists in the /usr/lib/authenticate utility which is used by Apache for authentication...

FreeBSD 3.3,Linux Mandrake 7.0 'xsoldier' Buffer Overflow Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/871/info Certain versions of FreeBSD 3.3 Confirmed and Linux Mandrake confirmed ship with a vulnerable binary in their X11 games package. The binary/game in question, xsoldier, is a setuid root binary meant to be run via ...

Debian 2.2,S.u.S.E 6.3/6.4/7.0 man -l Format String Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2327/info man is the manual page viewing program, available with the Linux Operating System in this implementation. It is freely distributed and openly maintained. A problem with the man command may allow for the elevatio...

Tarantella Enterprise 3 gunzip Race Condition Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3966/info Tarantella Enterprise 3 is vulnerable to a race condition during the installation process. During installation, a root owned binary is created in /tmp the directory specified by the $TMPDIR environment variable...

Superuser unsanitized environment vulnerability on Android <= 4.2.x

Vulnerable releases of several common Android Superuser packages may allow malicious Android applications to execute arbitrary commands as root without notifying the device owner: - ChainsDD Superuser current releases, including v3.1.3 - CyanogenMod/ClockWorkMod/Koush Superuser current releases,...

IBM AIX 5.3 libc MALLOCDEBUG File Overwrite Vulnerability

No description provided by source. !/bin/bash \ / /| | | | \ | | | | | | \ | | | | | | \ \ | | \ | | | | \ | | \ \ | | | \ | |/ / |/ http://root-the.net + IBM AIX libc MALLOCDEBUG File Overwrite Vulnerability + Refer : securitytracker.com/id?1022261 + Exploit : Affix [email protected] + Tested on...