Lucene search
+L

293 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.8 views

EulerOS Virtualization 2.10.0 : util-linux (EulerOS-SA-2026-1568)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifical...

6.1CVSS5.9AI score0.00179EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.5 views

EulerOS Virtualization 2.10.1 : util-linux (EulerOS-SA-2026-1548)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifical...

6.1CVSS5.9AI score0.00179EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/06 1:34 a.m.7 views

CVE-2026-29123

A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting IDC SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symli...

8.6CVSS6.1AI score0.00127EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/05 3:31 a.m.10 views

EUVD-2026-9516

Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting IDC SFX2100 Satellite Receiver, which may lead to local privlidge escalation from t...

8.6CVSS5.8AI score0.00119EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/05 3:31 a.m.8 views

EUVD-2026-9515

A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting IDC SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symli...

8.6CVSS6.1AI score0.00127EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/05 1:18 a.m.3 views

CVE-2026-29123

A SUID root-owned binary in /home/xd/terminal/XDTerminal in International Data Casting IDC SFX2100 on Linux allows a local actor to potentially preform local privilege escalation depending on conditions of the system via execution of the affected SUID binary. This can be via PATH hijacking, symli...

8.6CVSS6.1AI score0.00127EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/05 12:48 a.m.6 views

CVE-2026-29121 `/sbin/ip` Binary given SETUID Permissions on IDC SFX2100 Leading to Potential LPE

International Data Casting IDC SFX2100 satellite receiver comes with the /sbin/ip utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who can execute the binary. A local actor is able to use the GTFObins resource to preform privileged file...

9.2CVSS5.8AI score0.00148EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device from the International Datacasting company. The International Datacasting SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from the...

8.6CVSS5.8AI score0.00127EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/03/02 9:57 p.m.182 views

linux-privilege-escalation-oscp-guide

🔥 Cyber Public School – Linux Privilege Escalation Ultra Guide...

6AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/08 10:42 a.m.187 views

LinuxPrivEscToolkit

🛡️ Linux Privilege Escalation Toolkit !Pythonhttps://img.s...

5.7AI score
Exploits0
RedHat Linux
RedHat Linux
added 2026/02/04 11:22 a.m.4 views

util-linux: util-linux: Heap buffer overread in setpwnam() when processing 256-byte usernames

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam function, affecting SUID Set User ID login-utils utilities writing to the password database...

6.1CVSS5.9AI score0.00179EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2026/02/02 9:35 p.m.141 views

SUID_Trust_Exploiter

SU...

5.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/29 12:0 a.m.7 views

Unity Linux 20.1070e Security Update: screen (UTSA-2026-005209)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005209 advisory. A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be...

3.3CVSS5.9AI score0.00213EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/01/27 5:1 a.m.7 views

Astra Linux – Vulnerability in Systemd

A vulnerability was discovered in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary, thereby gaining access to the original’s privileged process core dump. This enables the attacker to read sensitive data, such as the contents of...

4.7CVSS6.4AI score0.0066EPSS
Exploits1References3
NVD
NVD
added 2026/01/21 6:16 p.m.10 views

CVE-2026-23754

D-Link D-View 8 versions 2.0.1.107 and below contain an improper access control vulnerability in backend API endpoints. Any authenticated user can supply an arbitrary userid value to retrieve sensitive credential data belonging to other users, including super administrators. The exposed credentia...

8.8CVSS0.00319EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004403)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004403 advisory. A race condition in perfeventopen allows local attackers to leak sensitive data from setuid programs. As no relevant locks in particular the credguardmutex are held...

5.6CVSS7.1AI score0.00339EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000900)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000900 advisory. The movepages system call in mm/migrate.c in the Linux kernel before 4.12.9 doesn't check the effective uid of the target process, enabling a local attacker to learn...

5.5CVSS6.5AI score0.00469EPSS
Exploits0References13
RedhatCVE
RedhatCVE
added 2026/01/09 8:57 a.m.13 views

CVE-2023-4404

The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'updatecoreuser' function. This makes it possible for unauthenticated attackers to specify their user role by supplying the...

9.8CVSS6.2AI score0.00765EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.3 views

Unity Linux 20.1070e Security Update: util-linux (UTSA-2025-993327)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993327 advisory. A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam function,...

6.1CVSS5.6AI score0.00179EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2023-54168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - RDMA/mlx4: Prevent shift wrapping in setusersqsize The ucmd-logsqbbcount variable is controlled by the user so this shift can wrap. Fix it by using...

5.9AI score0.00177EPSS
Exploits0References3
Rows per page
Query Builder