Lucene search
K

242 matches found

OSV
OSV
added 2 days ago2 views

DEBIAN-CVE-2026-58302

rtapiapp in linuxcnc-uspace in LinuxCNC before 2.9.9 allows privilege escalation. It is installed SUID root and loads shared library modules via dlopen by using a user-supplied module name. Insufficient validation of the module name allows path traversal, enabling an unprivileged local user to lo...

8.4CVSS5.9AI score0.00152EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-49413

The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID process flag. During execve2, this flag is not yet set at the point where the auxiliary vector is constructed, so ATSECURE was incorrectly set to zero for set-user-ID and set-group-ID executables. A...

7.1CVSS0.00098EPSS
Exploits1References1
CVE
CVE
added 5 days ago106 views

CVE-2026-49413

The CVE-2026-49413 issue affects the Linuxulator in FreeBSD, where the runtime determines set-user-ID/set-group-ID status by the P_SUGID flag. During execve, P_SUGID is not yet set when the ELF auxiliary vector is constructed, causing AT_SECURE to be incorrectly set to zero for setuid/setgid exec...

7.1CVSS5.8AI score0.00098EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 5 days ago34 views

CVE-2026-49413 Flaw in Linuxulator execution of setugid binaries

The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID process flag. During execve2, this flag is not yet set at the point where the auxiliary vector is constructed, so ATSECURE was incorrectly set to zero for set-user-ID and set-group-ID executables. A...

0.00098EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Systemd

It was discovered that a Systemd service that uses the DynamicUser property can obtain new privileges by executing SUID binaries. This allows the service to create binaries belonging to the transient group, with the setgid bit set. A local attacker could exploit this flaw to access resources that...

7.8CVSS6.1AI score0.00888EPSS
Exploits2References2
OSV
OSV
added 2026/06/17 10:51 a.m.4 views

SUSE-SU-2026:2430-1 Security update for openssh8.4

This update for openssh8.4 fixes the following issues - CVE-2026-3497: Information disclosure or denial of service due to uninitialized variables bsc1259642. - CVE-2026-35385: a file downloaded by scp may be installed setuid or setgid bsc1261427. - CVE-2026-35388: omitted connection multiplexing...

8.2CVSS7.1AI score0.0218EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.6 views

SUSE SLES15 Security Update : openssh (SUSE-SU-2026:2375-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2375-1 advisory. This update for openssh fixes the following issues - CVE-2026-3497: information disclosure or denial of service due to uninitialize...

8.2CVSS7.2AI score0.0218EPSS
Exploits0References14
Packet Storm News
Packet Storm News
added 2026/06/09 12:0 a.m.8 views

FreeBSD Security Advisory - FreeBSD-SA-26:30.linux

FreeBSD Security Advisory - The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID process flag. During execve2, this flag is not yet set at the point where the auxiliary vector is constructed, so ATSECURE was incorrectly set to zero for set-user-ID and...

5.5AI score0.00098EPSS
Exploits1
FreeBSD Advisory
FreeBSD Advisory
added 2026/06/09 12:0 a.m.7 views

FreeBSD-SA-26:30.linux

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-26:30.linux Security Advisory The FreeBSD Project Topic: Flaw in Linuxulator execution of setugid binaries Category: core Module: linux Announced: 2026-06-09...

7.1CVSS6AI score0.00098EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.7 views

EulerOS Virtualization 2.13.1 : util-linux (EulerOS-SA-2026-2153)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifical...

6.1CVSS5.7AI score0.00176EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.10 views

CVE-2026-41702

VMware Fusion contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is install...

7.8CVSS5.5AI score0.00122EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2026/06/01 6:51 p.m.11 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.16 views

Ubuntu 25.10 / 26.04 LTS : Bubblewrap vulnerability (USN-8288-1)

The remote Ubuntu 25.10 / 26.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-8288-1 advisory. It was discovered that Bubblewrap incorrectly handled the sandbox setup phase when installed in setuid mode. A local attacker could possibly use this issu...

8.7CVSS5.8AI score0.00274EPSS
Exploits0References2
NVD
NVD
added 2026/05/15 7:16 a.m.29 views

CVE-2026-41702

VMware Fusion contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is install...

7.8CVSS0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/05/15 6:11 a.m.60 views

CVE-2026-41702

VMware Fusion is affected by a local privilege escalation TOCTOU flaw in a SETUID binary (CVE-2026-41702). The issue allows a non-administrative local user to escalate to root on systems with Fusion installed. Connected advisories confirm a fix in Fusion 26H1; the remediation is to apply the 26H1...

7.8CVSS5.8AI score0.00122EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.17 views

PT-2026-40932

Name of the Vulnerable Software and Affected Versions VMware Fusion versions prior to 26H1 Description VMware Fusion contains a TOCTOU Time-of-check Time-of-use race condition that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user...

7.8CVSS6AI score0.00122EPSS
Exploits0References26
AlpineLinux
AlpineLinux
added 2026/05/09 3:56 a.m.12 views

CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

8.7CVSS5.7AI score0.00274EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/05/05 12:40 p.m.7 views

sudo: Sudo: Privilege escalation due to failure in privilege drop calls

A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...

7.8CVSS5.8AI score0.00173EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/05/04 10:5 a.m.8 views

OpenSSH: OpenSSH: Privilege escalation via scp legacy protocol when not preserving file mode

A flaw was found in OpenSSH. When the scp command is used by a root user to download a file with the legacy protocol option -O and without preserving original file permissions -p, the downloaded file can be installed with elevated privileges setuid or setgid. This unexpected behavior could allow ...

8.1CVSS5.8AI score0.00419EPSS
Exploits0References7
RedHat Linux
RedHat Linux
added 2026/04/30 3:53 p.m.10 views

sudo: Sudo: Privilege escalation due to failure in privilege drop calls

A flaw was found in Sudo. A local user could exploit a failure in the setuid, setgid, or setgroups calls, which are used to drop privileges before running the mailer. This oversight allows for privilege escalation, enabling the user to gain elevated access on the system...

7.8CVSS5.2AI score0.00173EPSS
Exploits0References8
Rows per page
Query Builder