16 matches found
EUVD-2022-30303
Malicious code in bioql PyPI...
EUVD-2021-28415
Malicious code in bioql PyPI...
SUSE CVE-2022-25643
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname...
CVE-2022-25643
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname...
DEBIAN-CVE-2022-25643
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname...
CVE-2022-25643
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname...
CVE-2022-25643
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname...
Design/Logic Flaw
seatd-launch in seatd 0.6.x before 0.6.4 allows removing files with escalated privileges when installed setuid root. The attack vector is a user-supplied socket pathname...
seatd-launch 权限许可和访问控制问题漏洞
Seatd is an administrative daemon. It is used to mediate access to shared devices graphics, input. seatd-launch A security vulnerability exists in seatd versions 0.6.x through 0.6.4, which stems from a lack of privilege restrictions in the software that allow files with escalated privileges to be...
CVE-2022-25643
CVE-2022-25643 affects seatd-launch in seatd 0.6.x prior to 0.6.4. It allows removing files with escalated privileges when the binary is installed setuid root, with the attack vector being a user-supplied socket pathname. Public details in the provided document indicate the vulnerable condition a...
FreeBSD : seatd-launch -- remove files with escalated privileges with SUID (1cd565da-455e-41b7-a5b9-86ad8e81e33e)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 1cd565da-455e-41b7-a5b9-86ad8e81e33e advisory. - Kenny Levinsen reports: seatd-launch could use a user-specified socket path instead of the internally...
seatd-launch -- remove files with escalated privileges with SUID
Kenny Levinsen reports: seatd-launch could use a user-specified socket path instead of the internally generated socket path, and would unlink the socket path before use to guard against collision with leftover sockets. This meant that a caller could freely control what file path would be unlinked...
CVE-2021-41387
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root...
CVE-2021-41387
seatd-launch in seatd 0.6.x before 0.6.2 allows privilege escalation because it uses execlp and may be installed setuid root...
FreeBSD : seatd-launch -- privilege escalation with SUID (49c35943-0eeb-421c-af4f-78e04582e5fb)
Kenny Levinsen reports : seatd-launch used execlp, which reads the PATH environment variable to search for the requested executable, to execute seatd. This meant that the caller could freely control what executable was loaded by adding a user-writable directory to PATH. If seatd-launch had the SU...
seatd-launch -- privilege escalation with SUID
Kenny Levinsen reports: seatd-launch used execlp, which reads the PATH environment variable to search for the requested executable, to execute seatd. This meant that the caller could freely control what executable was loaded by adding a user-writable directory to PATH. If seatd-launch had the SUI...