234 matches found
CVE-2026-49414 ASLR bypass for setuid executables via procctl(2)
The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen. An unprivileged local user ca...
CVE-2026-49414
CVE-2026-49414 is a local ASLR bypass in FreeBSD: the ELF image activator clears per-process ASLR preferences for setuid binaries after computing the PIE base, allowing an unprivileged local user to disable ASLR for a setuid PIE binary via procctl(2) before execve(2). This makes exploitation of a...
PT-2026-53064
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description The ELF image activator cleared per-process ASLR Address Space Layout Randomization, a security technique that randomizes memory addresses to prevent exploitatio...
CVE-2026-48980
The PAM module pam_usb is affected by a local-access vulnerability in earlier releases (pre-0.9.2) where getenv() in a PAM context returns attacker-controlled values for XRDP_SESSION, DISPLAY, and TMUX when the environment is manipulated by a local user. These values influence local-vs-remote ses...
FreeBSD : FreeBSD -- Flaw in Linuxulator execution of setugid binaries (fa5289e4-6473-11f1-958d-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the fa5289e4-6473-11f1-958d-bc241121aa0a advisory. The Linuxulator determined whether a binary was set-user-ID or set-group-ID by checking the PSUGID...
FreeBSD : FreeBSD-kernel -- ASLR bypass for setuid executables via procctl(2) (7e61007e-6474-11f1-958d-bc241121aa0a)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 7e61007e-6474-11f1-958d-bc241121aa0a advisory. The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code th...
FreeBSD Security Advisory - FreeBSD-SA-26:32.elf
FreeBSD Security Advisory - The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen...
FreeBSD-kernel -- ASLR bypass for setuid executables via procctl(2)
Problem Description: The ELF image activator cleared per-process ASLR preference flags for setuid binaries after the code that computes the PIE base address, rather than before. As a result, a user-requested ASLR disable was still in effect at the point where the base address was chosen. Impact: ...
Astra Linux – Vulnerability in Golang-1.19
On Unix platforms, the Go runtime behaves differently when a binary is run with the setuid/setgid bits enabled. This can be dangerous in certain situations, such as when dumping memory state or assuming the status of standard I/O file descriptors. If a setuid/setgid binary is executed with standa...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 "Copy Fail" — Vulnerability Detection Script S...
VMware Fusion 安全漏洞
VMware Fusion is a virtual machine software developed by VMware Corporation in the United States, designed specifically for running Windows applications on Apple machines. VMware Fusion has a security vulnerability, which stems from an TOCTOU issue during the execution of SETUID binary files. Thi...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
Vulnerability Overview | Item | Content...
Exploit for Incorrect Resource Transfer Between Spheres in Linux Linux_Kernel
CVE-2026-31431 - Copy Fail - Script de detection Script Pytho...
Exploit for CVE-2026-31431
Copy Fail CVE-2026-31431 - Comprehensive Writeup 1. Vuln...
Exploit for CVE-2026-31431
Copy-Fail-CVE-2026-31431 A proof-of-concept exploit reprodu...
Exploit for CVE-2026-31431
copyFail.py — CVE Exploit Analysis Report Summary copyFa...
Exploit for CVE-2026-31431
CVE-2026-31431 Copy Fail Detection Toolkit Detection and an...
Exploit for CVE-2026-31431
CVE-2026-31431 — Copy Fail 中文版 732 Bytes t...
CVE-2026-29124
Multiple SUID root-owned binaries are found in /home/monitor/terminal, /home/monitor/kore-terminal, /home/monitor/IDE-DPack/terminal-dpack, and /home/monitor/IDE-DPack/terminal-dpack2 in International Data Casting IDC SFX2100 Satellite Receiver, which may lead to local privlidge escalation from t...
CVE-2026-29127 Incorrect Permission Assignment(777) on `monitor` Users Home Directory Containing SUID Root Binaries in IDC SFX2100
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...