Lucene search

737 matches found

EUVD
added 2025/10/07 12:30 a.m., 8 views

EUVD-2003-0354

Malware in sbrugna...

CVSS 4.6, AI score 6.1, EPSS 0.00046
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2005-4880

Malware in sbrugna...

CVSS 7.2, AI score 7.5, EPSS 0.00047
Exploits: 0, References: 8

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2016-7977

Malware in sbrugna...

CVSS 4.4, AI score 6.3, EPSS 0.00053
Exploits: 0, References: 24

Tenable Nessus
added 2025/10/07 12:0 a.m., 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414543)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414543 advisory. A vulnerability was found in the fs/inode.c:inode_init_owner function logic of the Linux kernel that allows local users to create files for the XFS file-system with an...

CVSS 7.8, AI score 6.5, EPSS 0.00141
Exploits: 2, References: 3

Tenable Nessus
added 2025/10/07 12:0 a.m., 1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-986480)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986480 advisory. In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via...

CVSS 8.4, AI score 6.6, EPSS 0.0003
Exploits: 1, References: 3

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2023-32974

Malicious code in bioql PyPI...

CVSS 7.8, AI score 6.2, EPSS 0.00009
Exploits: 0, References: 7

EUVD
added 2025/10/03 8:7 p.m., 16 views

EUVD-2025-23554

Malicious code in bioql PyPI...

CVSS 9.9, AI score 6.6, EPSS 0.00572
Exploits: 1, References: 3

Tenable Nessus
added 2025/09/10 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2016-9775

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The postrm script in the tomcat6 package before 6.0.45+dfsg-1deb7u3 on Debian wheezy, before 6.0.45+dfsg-1deb8u1 on Debian jessie, before 6.0.35-1ubuntu3.9 on...

CVSS 7.8, AI score 7.4, EPSS 0.0011
Exploits: 0, References: 2

Microsoft CVE
added 2025/09/04 12:23 p.m., 2 views

Unsafe behavior in setuid/setgid binaries in runtime

...

CVSS 7.8, AI score 9.3, EPSS 0.00009
Exploits: 0

Tenable Nessus
added 2025/08/30 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2020-5212

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code...

CVSS 9.8, AI score 8.8, EPSS 0.01836
Exploits: 0, References: 2

RedhatCVE
added 2025/08/06 12:14 a.m., 18 views

CVE-2025-46093

LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 setuid and setgid, which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration...

CVSS 9.9, AI score 7.4, EPSS 0.00572
Exploits: 1, References: 1

OSV
added 2025/08/04 11:15 p.m., 3 views

CVE-2025-46093

LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 setuid and setgid, which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration...

CVSS 8.8, AI score 6.2, EPSS 0.00572
Exploits: 1, References: 3

CVE
added 2025/08/04 12:0 a.m., 17 views

CVE-2025-46093

LiquidFiles before 4.1.2 is affected. The vulnerability stems from FTP SITE CHMOD handling (mode 6777: setuid/setgid) which can allow FTPDrop users to execute arbitrary code as root by abusing the Actionscript feature and the sudoers configuration. Affected software: LiquidFiles prior to 4.1.2. I...

CVSS 9.9, AI score 8, EPSS 0.00572
Exploits: 1, References: 3, Affected Software: 1

SUSE CVE
added 2025/07/24 11:44 p.m., 3 views

SUSE CVE-2005-2541

Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges...

CVSS 10, AI score 9.3, EPSS 0.03763
Exploits: 0, References: 3

RedhatCVE
added 2025/05/21 11:29 p.m., 4 views

CVE-2007-6733

The nfs_lock function in fs/nfs/file.c in the Linux kernel 2.6.9 does not properly remove POSIX locks on files that are setgid without group-execute permission, which allows local users to cause a denial of service (BUG and system crash) by locking a file on an NFS filesystem and then changing this...

CVSS 4.9, AI score 6.3, EPSS 0.00081
Exploits: 4, References: 1

RedhatCVE
added 2025/05/21 10:40 p.m., 6 views

CVE-2002-2334

Joe text editor 2.8 through 2.9.7 does not remove the group and user setuid bits for backup files, which could allow local users to execute arbitrary setuid and setgid root programs when root edits scripts owned by other users...

CVSS 3.6, AI score 7.5, EPSS 0.00144
Exploits: 0, References: 1

RedHat Linux
added 2025/05/13 8:28 a.m., 2 views

kernel: exec: Fix ToCToU between perm check and set-uid/gid usage

A vulnerability was found in the Linux kernel. The fix addresses a race condition during file execution (exec), where a file’s permissions could change between an initial check and execution, potentially allowing unauthorized privilege escalation. Specifically, a non-privileged user could gain root...

CVSS 8.4, AI score 7, EPSS 0.0003
Exploits: 1, References: 5

Tenable Nessus
added 2025/03/05 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2023-29403

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as...

CVSS 7.8, AI score 6.7, EPSS 0.00009
Exploits: 0, References: 3

Tenable Nessus
added 2025/03/04 12:0 a.m., 9 views

Linux Distros Unpatched Vulnerability : CVE-2017-5551

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The simple_set_acl function in fs/posix_acl.c in the Linux kernel before 4.9.6 preserves the setgid bit during a setxattr call involving a tmpfs filesystem, which...

CVSS 4.4, AI score 6.2, EPSS 0.00039
Exploits: 0, References: 3

AstraLinux
added 2025/02/11 7:35 a.m., 2 views

Astra Linux – Vulnerability in screen

The socket.c file in GNU Screen, as of version 4.9.0, can be executed with the setuid or setgid flags (the default on platforms like Arch Linux and FreeBSD). This allows local users to send a privileged SIGHUP signal to any process ID, potentially causing a denial of service or disrupting the targe...

CVSS 6.5, AI score 6.6, EPSS 0.00057
Exploits: 3, References: 3