Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

739 matches found

Debian CVE
Debian CVEadded 2016/05/02 10:0 a.m.35 views

CVE-2016-2854

The aufs module for the Linux kernel 3.x and 4.x does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

7.8CVSS7.2AI score0.00348EPSS
Exploits3
NVD
NVDadded 2016/04/27 5:59 p.m.20 views

CVE-2016-3672

The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDRNORANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid...

7.8CVSS6.8AI score0.00031EPSS
Exploits12References28
OSV
OSVadded 2016/04/27 5:59 p.m.8 views

CVE-2016-3672

The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDRNORANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid...

7.8CVSS8.2AI score0.00031EPSS
Exploits12References28
OSV
OSVadded 2016/04/27 5:59 p.m.1 views

DEBIAN-CVE-2016-3672

The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDRNORANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid...

7.8CVSS7AI score0.00031EPSS
Exploits12References1
UbuntuCve
UbuntuCveadded 2016/04/27 12:0 a.m.31 views

CVE-2016-3672

The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier for local users to defeat the intended restrictions on the ADDRNORANDOMIZE flag, and bypass the ASLR protection mechanism for a setuid...

7.8CVSS7.1AI score0.00031EPSS
Exploits12References16
OSV
OSVadded 2016/02/22 12:0 a.m.1 views

UBUNTU-CVE-2016-1575

The overlayfs implementation in the Linux kernel through 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory...

7.8CVSS6.7AI score0.00525EPSS
Exploits2References11
Prion
Prionadded 2015/12/31 4:59 p.m.14 views

Design/Logic Flaw

Untrusted search path vulnerability in IBM InfoSphere BigInsights 3.0, 3.0.0.1, 3.0.0.2, and 4.0, when a DB2 database is used, allows local users to gain privileges via a Trojan horse library that is loaded by a setuid or setgid program...

6.9CVSS6.8AI score0.00055EPSS
Exploits0References5Affected Software1
exploitpack
exploitpackadded 2015/12/02 12:0 a.m.30 views

Man-db 2.6.7.1 - Local Privilege Escalation

Man-db 2.6.7.1 - Local Privilege Escalation / EDB Note: man:man - man:root http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ man:root - root:root http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/ CreateSetgidBinary.c...

0.5AI score
Exploits0
Exploit DB
Exploit DBadded 2015/12/02 12:0 a.m.41 views

Man-db 2.6.7.1 - Local Privilege Escalation

/ EDB Note: man:man - man:root http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/ man:root - root:root http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/ CreateSetgidBinary.c...

7.4AI score
Exploits0
RedhatCVE
RedhatCVEadded 2015/10/30 9:29 a.m.16 views

CVE-2005-0602

Unzip 5.51 and earlier does not properly warn the user when extracting setuid or setgid files, which may allow local users to gain privileges...

6.2CVSS7.2AI score0.00143EPSS
Exploits0References2
OpenVAS
OpenVASadded 2015/09/29 12:0 a.m.22 views

Gentoo Security Advisory GLSA 201310-19

Gentoo Linux Local Security Checks GLSA 201310-19 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

7.5CVSS5.1AI score0.02016EPSS
Exploits0References1
OSV
OSVadded 2015/09/13 9:58 p.m.6 views

MGASA-2015-0364 Updated libvdpau packages fix security vulnerabilities

Updated libvdpau packages fix security vulnerabilities: libvdpau versions 1.1 and earlier, when used in setuid or setgid applications, contain vulnerabilities related to environment variable handling that could allow an attacker to execute arbitrary code or overwrite arbitrary files CVE-2015-5198...

7.2CVSS7.3AI score0.00093EPSS
Exploits0References3
ArchLinux
ArchLinuxadded 2015/09/12 12:0 a.m.32 views

libvdpau lib32vdpau: multiple issues

CVE-2015-5198 Local Privilege Escalation When used in a setuid or setgid application, libvdpau/lib32-libvdpau allows local users to gain privileges via unspecified vectors, related to the VDPAUDRIVERPATH environment variable. - CVE-2015-5199 Directory Traversal Directory traversal vulnerability...

7.2CVSS5.1AI score0.00093EPSS
Exploits0References5
NVD
NVDadded 2015/09/08 3:59 p.m.10 views

CVE-2015-5200

The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...

6.3CVSS6.1AI score0.00093EPSS
Exploits0References9
OSV
OSVadded 2015/09/08 3:59 p.m.4 views

CVE-2015-5200

The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...

6AI score
Exploits0References9
OSV
OSVadded 2015/09/08 3:59 p.m.1 views

DEBIAN-CVE-2015-5200

The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...

6.3CVSS6.5AI score0.00093EPSS
Exploits0References1
Prion
Prionadded 2015/09/08 3:59 p.m.17 views

Design/Logic Flaw

The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...

6.3CVSS6.7AI score0.00093EPSS
Exploits0References9Affected Software2
Debian CVE
Debian CVEadded 2015/09/08 3:0 p.m.19 views

CVE-2015-5200

The trace functionality in libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to write to arbitrary files via unspecified vectors...

6.3CVSS6.2AI score0.00093EPSS
Exploits0
Debian CVE
Debian CVEadded 2015/09/08 3:0 p.m.17 views

CVE-2015-5198

libvdpau before 1.1.1, when used in a setuid or setgid application, allows local users to gain privileges via unspecified vectors, related to the VDPAUDRIVERPATH environment variable...

7.2CVSS6.3AI score0.00093EPSS
Exploits0
0day.today
0day.todayadded 2015/05/05 12:0 a.m.17 views

linux/x86 setuid(0) + setgid(0) + execve("/bin/cat", "/etc//shadow") - 52 by

// linux/x86 setuid0 + setgid0 + execve"/bin/cat", "/etc//shadow" - 52 bytes // Febriyanto Nugroho include char shellcode = "\x6a\x17\x58\xcd\x80\x6a\x2e" "\x58\xcd\x80\x6a\x0b\x58\x99" "\x52\x68\x61\x64\x6f\x77\x68" "\x2f\x2f\x73\x68\x68\x2f\x65" "\x74\x63\x89\xe1\x52\x68\x2f"...

0.2AI score
Exploits0
Rows per page
Query Builder