Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Positive Technologies
Positive Technologiesadded 2026/05/14 12:0 a.m.10 views

PT-2026-40932

Name of the Vulnerable Software and Affected Versions VMware Fusion versions prior to 26H1 Description VMware Fusion contains a TOCTOU Time-of-check Time-of-use race condition that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user...

7.8CVSS6AI score0.00043EPSS
Exploits0References26
UbuntuCve
UbuntuCveadded 2026/04/22 5:16 p.m.4 views

CVE-2026-35350

The cp utility in uutils coreutils fails to properly handle setuid and setgid bits when ownership preservation fails. When copying with the -p preserve flag, the utility applies the source mode bits even if the chown operation is unsuccessful. This can result in a user-owned copy retaining origin...

6.6CVSS5.8AI score0.00014EPSS
Exploits1References2
Debian CVE
Debian CVEadded 2026/04/03 2:21 a.m.5 views

CVE-2026-35535

In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation...

7.8CVSS5.2AI score0.00006EPSS
Exploits0
CNNVD
CNNVDadded 2025/12/05 12:0 a.m.2 views

util-linux 缓冲区错误漏洞

util-linux is an open source package for util-linux. A buffer error vulnerability exists in util-linux that stems from an over-read of the heap buffer when processing a 256-byte username, which could lead to security issues with the SUID login tool...

6.1CVSS6.8AI score0.00009EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2025/10/29 12:0 a.m.3 views

Siemens SIMATIC Devices Stack-based Buffer Overflow (CVE-2023-4911)

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBCTUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBCTUNABLES environment variables when launching binaries with SUID permission to execute code...

7.8CVSS7.4AI score0.6505EPSS
Exploits25References7
OSV
OSVadded 2024/03/19 5:15 a.m.1 views

UBUNTU-CVE-2024-22017

setuid does not affect libuv's internal iouring operations if initialized before the call to setuid. This allows the process to perform privileged operations despite presumably having dropped such privileges through a call to setuid. This vulnerability affects all users using version greater or...

7.3CVSS6.9AI score0.00876EPSS
Exploits0References6
Microsoft CVE
Microsoft CVEadded 2020/09/25 7:0 a.m.5 views

Privilege escalation in setuid mode via user namespaces in Bubblewrap

...

8.5CVSS7AI score0.00177EPSS
Exploits0
RedHat Linux
RedHat Linuxadded 2015/07/20 2:0 p.m.1 views

kernel: race condition between chown() and execve()

A race condition flaw was found between the chown and execve system calls. When changing the owner of a setuid user binary to root, the race condition could momentarily make the binary setuid root. A local, unprivileged user could potentially use this flaw to escalate their privileges on the syst...

6.2CVSS6.7AI score0.00032EPSS
Exploits0References4
OSV
OSVadded 2004/12/31 5:0 a.m.2 views

DEBIAN-CVE-2004-2303

MTools Mformat before 3.9.9, when installed setuid root, creates files with world-readable and world-writable permissions, which allows local users to read and overwrite files...

3.6CVSS6.5AI score0.00578EPSS
Exploits0References1
Rows per page
Query Builder