Lucene search
K

1283 matches found

Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.3 views

PT-2026-6750

Name of the Vulnerable Software and Affected Versions Asterisk versions prior to 20.7-cert9 Asterisk versions prior to 20.18.2 Asterisk versions prior to 21.12.1 Asterisk versions prior to 22.8.2 Asterisk versions prior to 23.2.2 Description The asterisk/contrib/scripts/ast coredumper script runs...

5.7AI score0.00173EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/12/30 7:15 p.m.25 views

CVE-2025-69257 theshit vulnerable to unsafe loading of user-owned Python rules when running as root.

theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.1.1, the application loads custom Python rules and configuration files from user-writable locations e.g., /.config/theshit/ without validating ownership or permissions when...

6.7CVSS0.0012EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2025/12/17 12:0 a.m.172 views

📄 Ilevia EVE X1/X5 Server 4.7.18.0.eden Root Privilege Escalation

A critical privilege escalation vulnerability exists in Ilevia EVE X1/X5 Server versions 4.7.18.0.eden and below. This is a proof of concept exploit written in PHP...

9.8CVSS7.2AI score0.07285EPSS
Exploits5
NVD
NVD
added 2025/12/16 1:15 a.m.6 views

CVE-2025-67736

The FreePBX module tts Text to Speech for FreePBX, an open-source web-based graphical user interface GUI that manages Asterisk. Versions prior to 16.0.5 and 17.0.5 are vulnerable to SQL injection by authenticated users with administrator access. Authenticated users with administrative access to t...

8.6CVSS0.06127EPSS
Exploits0References2
CVE
CVE
added 2025/12/12 8:57 p.m.14 views

CVE-2025-43467

CVE-2025-43467 affects macOS Tahoe prior to 26.1. The vulnerability is an undercheck flaw that could allow an unprivileged app to gain root privileges via local access. Apple’s security content notes the fix is in macOS Tahoe 26.1 with improved checks; Red Hat/NVD entries corroborate a root-privi...

7.8CVSS6.1AI score0.00166EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/12/12 6:30 p.m.6 views

EUVD-2025-203095

An eval injection in the malware de-obfuscation routines of CloudLinux ai-bolit before v32.7.4 allows attackers to overwrite arbitrary files as root via scanning a crafted file...

8.8CVSS6.7AI score0.00251EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/11 12:0 a.m.7 views

PT-2025-50728

Name of the Vulnerable Software and Affected Versions cPanel versions 110 through 132 Description A directory traversal issue exists within the Team Manager API. This allows for the overwriting of arbitrary files, potentially leading to privilege escalation to the root user. Recommendations Updat...

8.8CVSS7AI score0.00709EPSS
Exploits0References6
CVE
CVE
added 2025/12/11 12:0 a.m.21 views

CVE-2025-66429

The CVE-2025-66429 issue affects cPanel versions 110–132, where a directory traversal in the Team Manager API can overwrite arbitrary files, enabling privilege escalation to root. Documented impact is high (CVE score 8.8). Exploitation status isn’t provided in the sources. Remediation guidance ap...

8.8CVSS7AI score0.00709EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/12/10 6:30 p.m.6 views

GHSA-QWCC-2R77-5W2F sd changes the group ownership of the source file

An issue in sd command v1.0.0 and before allows attackers to escalate privileges to root via a crafted command...

6.5CVSS7.2AI score0.00168EPSS
Exploits1References3
NVD
NVD
added 2025/12/10 4:16 p.m.7 views

CVE-2025-65807

An issue in sd command v1.0.0 and before allows attackers to escalate privileges to root via a crafted command...

8.4CVSS0.00168EPSS
Exploits1References2
OSV
OSV
added 2025/12/10 12:0 a.m.5 views

CVE-2025-65807

An issue in sd command v1.0.0 and before allows attackers to escalate privileges to root via a crafted command...

8.4CVSS7.2AI score0.00168EPSS
Exploits1References4
AlpineLinux
AlpineLinux
added 2025/12/10 12:0 a.m.4 views

CVE-2025-65807

An issue in sd command v1.0.0 and before allows attackers to escalate privileges to root via a crafted command...

8.4CVSS7.3AI score0.00168EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/10 12:0 a.m.30 views

CVE-2025-65807

An issue in sd command v1.0.0 and before allows attackers to escalate privileges to root via a crafted command...

0.00168EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/12/10 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-65807

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue in sd command v1.0.0 and before allows attackers to escalate privileges to root via a crafted command. CVE-2025-65807 Note that Nessus relies on the...

8.4CVSS5.8AI score0.00168EPSS
Exploits1References3
OSV
OSV
added 2025/12/01 4:15 p.m.3 views

CVE-2025-57489

Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary...

8.1CVSS5.8AI score0.00257EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2025/12/01 12:0 a.m.3 views

CVE-2025-57489

Incorrect access control in the SDAgent component of Shirt Pocket SuperDuper! v3.10 allows attackers to escalate privileges to root due to the improper use of a setuid binary...

6.7AI score0.00257EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/11/29 2:15 a.m.4 views

CVE-2025-61915 OpenPrinting CUPS vulnerable to stack based out-of-bound write

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a user in the lpadmin group can use the cups web ui to change the config and insert a malicious line. Then the cupsd process which runs as root will parse the new config a...

6CVSS6.5AI score0.00409EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/11/10 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-64507

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incus is a system container and virtual machine manager. An issue in versions prior to 6.0.6 and 6.19.0 affects any Incus user in an environment where an...

8.6CVSS5.8AI score0.00164EPSS
Exploits1References2
CVE
CVE
added 2025/11/07 6:40 p.m.20 views

CVE-2025-36186

CVE-2025-36186 affects IBM Db2 12.1.0 through 12.1.3 for Linux, UNIX and Windows (includes Db2 Connect Server). In specific configurations, a local user could execute malicious code and escalate privileges to root due to unnecessary privileges running at a higher-than-minimum level. IBM and conne...

7.8CVSS6.8AI score0.00121EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/11/07 12:0 a.m.6 views

IBM Db2 安全漏洞

IBM Db2 is a relational database management system from International Business Machines IBM. The system executes on UNIX, Linux, IBMi, z/OS, and Windows server versions. A security vulnerability exists in IBM Db2 versions 12.1.0 through 12.1.3, which stems from performing an unnecessarily...

7.8CVSS6.3AI score0.00121EPSS
Exploits0References2
Rows per page
Query Builder