CVE-2023-50810

In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability exists in the U-Boot component of the firmware that allow persistent arbitrary code execution with Linux kernel privileges. A failure to correctly handle the return value of the setenv command can be used...

OESA-2025-1575 uboot-tools security update

This package includes the mkimage program, which allows generation of U-Boot images in various formats, and the fwprintenv and fwsetenv programs to read and modify U-Boot's environment. Security Fixes: Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via t...

CVE-2022-38060

A privilege escalation vulnerability exists in the sudo functionality of OpenStack Kolla. A misconfiguration in /etc/sudoers within a container can lead to increased privileges. Mitigation /etc/sudoers within the container should use the securepath option to prevent the PATH environment variable...

SUSE CVE-2006-1629

OpenVPN 2.0 through 2.0.5 allows remote malicious servers to execute arbitrary code on the client by using setenv with the LDPRELOAD environment variable...

Exploit for Out-of-bounds Write in Polkit_Project Polkit

CVE-2021-4034 Exploit Root exploit for the PwnKit vulnerabili...

CVE-2021-21904

A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal Detectors’ iC Module CMA Version 5.0. An attacker can provide malicious input to trigger this vulnerability...

CVE-2021-21904

A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal Detectors’ iC Module CMA Version 5.0. An attacker can provide malicious input to trigger this vulnerability...

PT-2021-14830 · Garrett Metal Detectors · Ic Module Cma

Name of the Vulnerable Software and Affected Versions: iC Module CMA version 5.0 Description: A directory traversal vulnerability exists in the CMA CLI setenv command of Garrett Metal Detectors’ iC Module CMA. An attacker can provide malicious input to trigger this vulnerability. Recommendations:...

cups: Local privilege escalation to root due to insecure environment variable handling

It was discovered that CUPS allows non-root users to pass environment variables to CUPS backends. Affected backends use attacker-controlled environment variables without proper sanitization. A local attacker, who is part of one of the groups specified in the SystemGroups directive, could use the...

perl: Integer overflow leading to buffer overflow in Perl_my_setenv()

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...

The vulnerability of the CUPS printing server, related to authentication errors, allows a hacker to execute arbitrary code with root privileges.

The vulnerability of the CUPS printing server is related to the SetEnv and PassEnv directives. Exploiting this vulnerability allows an attacker to execute arbitrary code with root privileges...

The vulnerability of the Perl_my_setenv function in the Perl programming language, related to errors in processing regular expressions, allows a hacker to cause a service failure or execute arbitrary code.

The vulnerability of the Perlmysetenv function in “util.c” of the Perl programming language is related to errors in processing regular expressions. This leads to copying data into a buffer without checking the size of the input data, resulting in integer overflow. Exploiting this vulnerability ca...

perl: Integer overflow leading to buffer overflow in Perl_my_setenv()

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...

perl: Integer overflow leading to buffer overflow in Perl_my_setenv()

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...

perl: Integer overflow leading to buffer overflow in Perl_my_setenv()

Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations...

CVE-2018-4180

It was discovered that CUPS allows non-root users to pass environment variables to CUPS backends. Affected backends use attacker-controlled environment variables without proper sanitization. A local attacker, who is part of one of the groups specified in the SystemGroups directive, could use the...

Knox Software Arkeia 4.0 Backup Local Overflow

No description provided by source. / source: http://www.securityfocus.com/bid/661/info Knox Software Arkeia 4.0 Backup rnavc & nlserverd HOME Environment Variable Buffer Overflow A local buffer overflow in the handling of the HOME environment variable by the rlserver and rnavc binaries that are...

XBlast 2.6.1 HOME Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8296/info XBlast is contains a locally exploitable buffer overflow vulnerability due to insufficient bounds checking of data supplied via the HOME environment variable. Successful exploitation would allow a local user to...

marbles 1.0.1 - Local Home Environment Variable Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8710/info A problem in the handling of data in the Home environment variable has been reported in the marbles program. This may make it possible for a local attacker to gain elevated privileges. / c-marbles.c PoC exploit...

suPHP -- Privilege escalation

suPHP developer Sebastian Marsching reports: When the suPHPPHPPath was set, modsuphp would use the specified PHP executable to pretty-print PHP source files MIME type x-httpd-php-source or application/x-httpd-php-source. However, it would not sanitize the environment. Thus a user that was allowed...