17 matches found
CVE-2024-41790
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager All versions. The web interface of affected devices does not sanitize the region parameter in specific POST requests. This could allow an authenticated remote attacker to execute arbitrary code with root privileges...
EUVD-1999-1363
Malware in sbrugna...
EUVD-1999-0923
Malware in sbrugna...
EUVD-2015-1465
Malware in sbrugna...
EUVD-2025-23508
Malicious code in bioql PyPI...
CVE-2025-30098
Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 7.7.1.0 through 8.1.0.10, LTS2024 release Versions 7.13.1.0 through 7.13.1.25, LTS 2023 release versions 7.10.1.0 through 7.10.1.50, contain an Improper Neutralization of Special Elements used in an ...
CVE-2019-18308
A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server All versions. An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file system. This vulnerability is independent from...
CVE-2004-0793
The calendar program in bsdmainutils 6.0 through 6.0.14 does not drop root privileges when executed with the -a flag, which allows attackers to execute arbitrary commands via a calendar event file...
UTempter 0.5.x - Multiple Local Vulnerabilities
source: https://www.securityfocus.com/bid/10178/info It has been reported that utempter is affected by multiple local vulnerabilities. The first issue is due to an input validation error that causes the application to exit improperly; facilitating symbolic link attacks. The second issue is due to...
ptrace contains vulnerability allowing for local root compromise
Overview A vulnerability in the Linux 2.2 and 2.4 distributions of ptrace may permit a local attacker to gain elevated privileges. Description The Linux 2.2 and 2.4 kernels contained a flaw in ptrace. This vulnerability may permit a local user to have the kernel spawn a child process. From the ma...
IBM DB2 - Shared Library Injection
source: https://www.securityfocus.com/bid/8346/info IBM DB2 ships with a number of shared libraries, stored in a directory owned by the user and group 'bin'. As setuid root utilities are linked to these libraries, their ownership by a user and group of a lower privilege level constitutes a...
SAP Database 7.37.4 - SDBINST Race Condition
SAP Database 7.37.4 - SDBINST Race Condition source: https://www.securityfocus.com/bid/7421/info SAP Database SDBINST has been reported prone to a race condition vulnerability. It has been reported that the SAP Database install tool SDBINST may perform operations non-atomically when installing th...
WSMP3 0.0.1/0.0.2 - Remote Heap Corruption (2)
// source: https://www.securityfocus.com/bid/6240/info A remotely exploitable heap corruption vulnerability has been reported for WSMP3. Due to insufficient bounds checking of user-supplied input, it is possible for a remote attacker to corrupt heap memory. By corrupting allocated memory headers,...
CVE-1999-1384
Indigo Magic System Tour in the SGI system tour package systour for IRIX 5.x through 6.3 allows local users to gain root privileges via a Trojan horse .exitops program, which is called by the inst command that is executed by the RemoveSystemTour program...
SuSE Linux 6.47.07.17.2 Berkeley Parallel Make - Shell Definition Format String
SuSE Linux 6.47.07.17.2 Berkeley Parallel Make - Shell Definition Format String // source: https://www.securityfocus.com/bid/3572/info Parallel Make pmake is a freely available version of the make program, originally distributed with Berkeley Unix. It is designed to execute Makefiles and build...
CVE-1999-1212
Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges...
CVE-2001-0268
The i386setldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USERLDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table LDT with a target that...