CVE-2020-3950

VMware Fusion 11.x before 11.5.2, VMware Remote Console for Mac 11.x and prior before 11.0.1 and Horizon Client for Mac 5.x and prior before 5.4.0 contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with...

CVE-2020-3950

VMware Fusion 11.x before 11.5.2, VMware Remote Console for Mac 11.x and prior before 11.0.1 and Horizon Client for Mac 5.x and prior before 5.4.0 contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with...

CVE-2020-3950

Mode C: CVE-2020-3950 affects VMware Fusion (11.x up to 11.5.1/11.5.2), VMware Remote Console for Mac (11.x up to 11.0.1), and Horizon Client for Mac (5.x up to 5.4.0). Root cause: improper use of setuid binaries enabling local privilege escalation from a normal user to root on systems running th...

VMware Workstation, Fusion, VMware Remote Console and Horizon Client updates address privilege escalation and denial-of-service vulnerabilities (CVE-2020-3950, CVE-2020-3951)

3a. Privilege escalation vulnerability via setuid binaries CVE-2020-3950 VMware Fusion, VMRC for Mac and Horizon Client for Mac contain a privilege escalation vulnerability due to improper use of setuid binaries. VMware has evaluated the severity of this issue to be in the Important severity rang...

CVE-2020-3950

VMware Fusion 11.x before 11.5.2, VMware Remote Console for Mac 11.x and prior before 11.0.1 and Horizon Client for Mac 5.x and prior before 5.4.0 contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with...

VMSA-2020-0005:VMware Workstation, Fusion, VMware Remote Console and Horizon Client updates address privilege escalation and denial-of-service vulnerabilities

Advisory ID: VMSA-2020-0005.2 CVSSv3 Range: 3.2-7.3 Issue Date:2020-03-17 Updated On: 2020-03-24 CVEs: CVE-2020-3950, CVE-2020-3951 Synopsis: VMware Workstation, Fusion, VMware Remote Console and Horizon Client updates address privilege escalation and denial-of-service vulnerabilities...

ALPINE-CVE-2019-20044

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULEPATH=/dir/with/module zmodload with a module that calls setuid...

DEBIAN-CVE-2019-20044

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULEPATH=/dir/with/module zmodload with a module that calls setuid...

CVE-2019-20044

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULEPATH=/dir/with/module zmodload with a module that calls setuid...

CVE-2019-20044

In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULEPATH=/dir/with/module zmodload with a module that calls setuid...

Fedora 30 : glibc (2020-c32e4b271c)

This update incorporates fixes from the upstream glibc 2.29 stable release branch, including a fix for a minor security vulnerability LDPREFERMAP32BITEXEC not ignored in setuid binaries. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora upda...

UBUNTU-CVE-2020-5212

In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2019-1371)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libguestfs-winsupport (EulerOS-SA-2019-2253)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Solaris xlock Information Disclosure

@Mediaservice.net Security Advisory 2020-01 last updated on 2020-01-15 Title: Low impact information disclosure via Solaris xlock Application: Setuid root xlock binary distributed with Solaris Platforms: Oracle Solaris 11.x confirmed on 11.4 X86 Oracle Solaris 10 confirmed on 10 1/13 X86...

CVE-2019-20327

Insecure permissions in cwrapperperl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges. cwrapperperl is a setuid executable allowing execution of Perl scripts with root privileges...

CVE-2015-7556

DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program...

Design/Logic Flaw

DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program...

CVE-2015-7556

DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program...

Privilege escalation

A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code...