CVE-2026-35385

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

MiracleLinux 8 : nodejs:20 (AXSA:2024-7668:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7668:01 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990367)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990367 advisory. In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening a file for exec via...

NewStart CGSL MAIN 6.06 : krb5 Multiple Vulnerabilities (NS-SA-2025-0215)

The remote NewStart CGSL host, running version MAIN 6.06, has krb5 packages installed that are affected by multiple vulnerabilities: - plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers to...

Security Bulletin: Astronomer with IBM is vulnerable to several vulnerabilities

Summary Open source software is used by Astronomer with IBM as part of overall processing functionality. Vulnerability Details CVEID:CVE-2005-2541 DESCRIPTION: Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gai...

FreeBSD : electron29 -- setuid() does not affect libuv's internal io_uring (a431676c-f86c-4371-b48a-b7d2b0bec3a3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the a431676c-f86c-4371-b48a-b7d2b0bec3a3 advisory. - setuid does not affect libuv's internal iouring operations if initialized before the call to setuid...

USN-5380-1: Bash vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges. Update...

UBUNTU-CVE-2021-3847

An unauthorized access to the execution of the setuid file with capabilities flaw in the Linux kernel OverlayFS subsystem was found in the way user copying a capable file from a nosuid mount into another mount. A local user could use this flaw to escalate their privileges on the system...

SGI Tempo vx Setuid Privilege Escalation

SGI SUID Root Privilege Escalation Software: SGI Tempo SGI ICE-X Supercomputers Affected Versions: Unknown CVE Reference: CVE-2014-7302 Author: Luke Jennings, John Fitzpatrick, MWR Labs Severity: Medium Risk Vendor: Silicon Graphics International Corp SGI Vendor Response: Uncooperative Descriptio...

RedHat Update for mod_wsgi RHSA-2014:1091-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

glibc: ld.so insecure handling of $ORIGIN in LD_AUDIT for setuid/setgid programs

elf/dl-load.c in ld.so in the GNU C Library aka glibc or libc6 through 2.11.2, and 2.12.x through 2.12.1, does not properly handle a value of $ORIGIN for the LDAUDIT environment variable, which allows local users to gain privileges via a crafted dynamic shared object DSO located in an arbitrary...

CVE-2009-2657

nilfs-utils before 2.0.14 installs multiple programs with unnecessary setuid privileges, which allows local users to execute arbitrary commands via the device string in a -c command line option to mkfs.nilfs2...

Important: Red Hat Security Advisory: kernel security and bug fix update

Updated kernel packages that fix two security issues and two bugs are now available for Red Hat Enterprise Linux 4.7 Extended Update Support. This update has been rated as having important security impact by the Red Hat Security Response Team. The kernel packages contain the Linux kernel, the cor...

FreeBSD Ports: ifmail

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

freebsd/x86 /bin/cat /etc/master.passwd (NULL free) 65 bytes

No description provided by source. ; sm4x 2008 ; /bin/cat /etc/master.passwd ; 65 bytes ; FreeBSD 7.0-RELEASE global start start: xor eax, eax ; --- setuid0 push eax push eax mov al, 0x17 int 0x80 ; --- setup /etc/master.passwd jmp short loadfile ok: pop esi ; setup /bin/cat push eax push...

CVE-2005-3279

Stack-based buffer overflow in the vgascoprintf function in Jan Kybic BitMap Viewer BMV 1.2, when compiled with the MUNIX flag and running setuid, allows local users to gain privileges via a long filename in the -b command line option...

CVE-2003-0019

The CVE-2003-0019 issue affects the uml_net utility in Red Hat Linux 8.0’s kernel-utils package, shipped with incorrect setuid root permissions. This allows local users to modify network interfaces, including ARP entry manipulation and placing interfaces into promiscuous mode. Root cause: the uml...

[Full-Disclosure] [SECURITY] [DSA 472-1] New fte packages fix buffer overflows

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 472-1 [email protected] http://www.debian.org/security/ Matt Zimmerman April 3rd, 2004 http://www.debian.org/security/faq -...

dump 0.4b15 Local Root Exploit

Exploit for linux platform in category local exploits ============================== dump 0.4b15 Local Root Exploit ============================== !/bin/sh Redhat 6.2 dump command executes external program with suid priviledge. Discovered by Mat Written for and by a scriptkid Tasc ;P Remember,...