CVE-2026-29121

International Data Casting IDC SFX2100 satellite receiver comes with the /sbin/ip utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who can execute the binary. A local actor is able to use the GTFObins resource to preform privileged file...

NewStart CGSL MAIN 6.06 (SP) : krb5 Multiple Vulnerabilities (NS-SA-2026-0007)

The remote NewStart CGSL host, running version MAIN 6.06 SP, has krb5 packages installed that are affected by multiple vulnerabilities: - plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers t...

EUVD-2011-1037

Malware in sbrugna...

EUVD-2004-2261

Malware in sbrugna...

EUVD-2006-4380

Malware in sbrugna...

EUVD-2000-0503

Malware in sbrugna...

EUVD-2003-0577

Malware in sbrugna...

EUVD-2003-1389

Malware in sbrugna...

EUVD-2005-0120

Malware in sbrugna...

EUVD-2006-3374

Malware in sbrugna...

EUVD-2014-7169

Malware in sbrugna...

UBUNTU-CVE-2024-6714

An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local attacker to escalate their privilege...

Important: containerd

Issue Overview: On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed...

USN-5380-1: Bash vulnerability

It was discovered that Bash did not properly drop privileges when the binary had the setuid bit enabled. An attacker could possibly use this issue to escalate privileges...

openSUSE: Security Advisory for permissions (openSUSE-SU-2022:0141-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

UBUNTU-CVE-2017-5899

Directory traversal vulnerability in the setuid root helper binary in S-nail later S-mailx before 14.8.16 allows local users to write to arbitrary files and consequently gain root privileges via a .. dot dot in the randstr argument...

CVE-2015-3339

Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...

D-Bus, GLib: Privilege escalation

Background D-Bus is a daemon providing a framework for applications to communicate with one another. GLib is a library providing a number of GNOME’s core objects and functions. Description When libdbus is used in a setuid program, a user can gain escalated privileges by leveraging the...

Solaris Recommended Patch Cluster 6/19 Local Root

Solaris Recommended Patch Cluster 6/19 local root on x86 Larry W. Cashdollar 7/3/2013 @larry0 If the system administrator is updating the system using update manager or smpatch multi user mode a local user could execute commands as root. This only affects x86 systems as this code resides under a...

Zysploit

Takes advantage of a setuid vulnerability few details available...