CVE-2021-25311

condorcredd in HTCondor before 8.9.11 allows Directory Traversal outside the SECCREDENTIALDIRECTORYOAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root...

CVE-2020-27151

An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1. The runtime will execute binaries given using annotations without any kind of validation. Someone who is granted access rights to a cluster will be able to have kata-runtime execute arbitrary binaries as root on th...

CVE-2020-25758

An issue was discovered on D-Link DSR-250 3.17 devices. Insufficient validation of configuration file checksums could allow a remote, authenticated attacker to inject arbitrary crontab entries into saved configurations before uploading. These entries are executed as root...

CVE-2019-14920

Billion Smart Energy Router SG600R2 Firmware v3.02.rc6 allows an authenticated attacker to gain root execution privileges over the device via a hidden etcro/web/adm/systemcommand.asp shell feature...

CVE-2025-43917

In Pritunl Client before 1.3.4220.57, an administrator with access to /Applications can escalate privileges after uninstalling the product. Specifically, an administrator can insert a new file at the pathname of the removed pritunl-service file. This file then is executed by a LaunchDaemon as roo...

CVE-2024-13861

A code injection vulnerability in the Debian package component of Taegis Endpoint Agent Linux versions older than 1.3.10 allows local users arbitrary code execution as root. Redhat-based systems using RPM packages are not affected...

OESA-2025-1349 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

OESA-2025-1325 containerd security update

containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision...

RockyLinux 9 : tuned (RLSA-2024:10384)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:10384 advisory. tuned: scriptpre and scriptpost options allow to pass arbitrary scripts executed by root CVE-2024-52336 tuned: improper sanitization of instancename...

AZL-60897 CVE-2024-40635 affecting package moby-containerd-cc for versions less than 1.7.7-11

containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched with a User set as a UID:GID larger than the maximum 32-bit signed integer can cause an overflow condition where the container ultimately runs as roo...

CVE-2024-23624

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An unauthenticated attacker can exploit this vulnerability to gain command execution on the device as root...

CVE-2024-8531

CWE-347: Improper Verification of Cryptographic Signature vulnerability exists that could compromise the Data Center Expert software when an upgrade bundle is manipulated to include arbitrary bash scripts that are executed as root...

ABB Cylon FLXeon 9.3.4 (cmds.js) Authenticated Root Remote Code Execution

Summary BACnet® Smart Building Controllers. ABB's BACnet portfolio features a series of BACnet® IP and BACnet MS/TP field controllers for ASPECT® and INTEGRA™ building management solutions. ABB BACnet controllers are designed for intelligent control of HVAC equipment such as central plant, boiler...

CVE-2020-13712 MGOS Command Injection

A command injection is possible through the user interface, allowing arbitrary command execution as the root user. oMG2000 running MGOS 3.15.1 or earlier is affected. MG90 running MGOS 4.2.1 or earlier is affected...

The vulnerability of the “edgserver” service in the microprogramming software for multifunctional wireless access points of Advantech models EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO allows a hacker to execute arbitrary commands with root privileges.

The vulnerability of the “edgserver” service in the microprogramming-based wireless access points of Advantech EKI-6333AC-2G, EKI-6333AC-2GD, and EKI-6333AC-1GPO models exists due to the failure to take measures to neutralize the special elements used in the operating system commands. Exploiting...

PT-2024-17358 · Ixsystems · Ixsystems Truenas Core

Name of the Vulnerable Software and Affected Versions: iXsystems TrueNAS CORE affected versions not specified Description: This issue allows network-adjacent attackers to tamper with firmware update files on affected installations of iXsystems TrueNAS devices. The specific flaw exists within the...

PT-2024-9162 · Trellix · Trellix Enterprise Security Manager

Name of the Vulnerable Software and Affected Versions: Trellix Enterprise Security Manager version 11.6.10 Description: A vulnerability in Trellix Enterprise Security Manager allows unauthenticated access to the internal Snowservice API and enables remote code execution through command injection,...

USN-7117-1 Several security issues were fixed in needrestart and Module::ScanDeps

Qualys discovered that needrestart passed unsanitized data to a library libmodule-scandeps-perl which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. CVE-2024-11003 Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed...

The vulnerability of the `changeFileRights` function in the `osUtils.cpp` module of the database management system “Red Database” is related to improper access control, allowing attackers to trigger a service failure for the DBMS.

The vulnerability of the changeFileRights function in the osUtils.cpp module of the database management system “Red Database” is related to the fact that if the server is run under the user’s identity other than the default user reddatabase, then running the server’s utilities under the root user...

NetworkManager-libreswan: Local privilege escalation via leftupdown

A flaw was found in the libreswan client plugin for NetworkManager NetkworkManager-libreswan, where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading t...