CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3213 matches found

UbuntuCve•added 2017/07/31 1:29 p.m.•18 views

CVE-2017-11547

The resamplegauss function in resample.c in TiMidity++ 2.14.0 allows remote attackers to cause a denial of service heap-based buffer over-read via a crafted mid file. NOTE: a crash might be relevant when using the --background option. NOTE: the TiMidity++ README.alsaseq documentation suggests a...

5.5CVSS6.2AI score0.00209EPSS

Exploits0References2

Debian CVE•added 2017/07/31 1:0 p.m.•23 views

CVE-2017-11547

5.5CVSS5.3AI score0.00209EPSS

Exploits0

BDU FSTEC•added 2017/07/06 12:0 a.m.•0 views

The vulnerability in the implementation of the operating system NetBSD’s stack protection mechanism allows a hacker to execute arbitrary code.

The vulnerability of the Linux kernel’s stack protection mechanism is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely, using specially crafted binary files with setuid attributes as,usr,bin,at...

7.5CVSS0.0086EPSS

Exploits3References4Affected Software1

BDU FSTEC•added 2017/07/06 12:0 a.m.•1 views

The vulnerability in the implementation of the operating system NetBSD’s stack protection mechanism allows a hacker to execute arbitrary code.

7.5CVSS0.02547EPSS

Exploits0References3Affected Software1

Ubuntu•added 2017/06/29 6:19 p.m.•83 views

USN-3323-2: GNU C Library vulnerability

USN-3323-1 fixed a vulnerability in the GNU C Library. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the GNU C library did not properly handle memory when processing environment variables for setuid programs. A local attacker...

7.8CVSS7.1AI score0.06438EPSS

Exploits14

0day.today•added 2017/06/29 12:0 a.m.•111 views

Linux Kernel (Debian 7/8/9/10 / Fedora 23/24/25 / CentOS 5.3/5.11/6.0/6.8/7.2.1511) - ldso_hwcap Loc

Exploit for linux platform in category local exploits / Linuxldsohwcap.c for CVE-2017-1000366, CVE-2017-1000370 Copyright C 2017 Qualys, Inc. myimportanthwcaps adapted from elf/dl-hwcaps.c, part of the GNU C Library: Copyright C 2012-2017 Free Software Foundation, Inc. This program is free...

4.4CVSS5.6AI score0.06438EPSS

Exploits24

exploitpack•added 2017/06/28 12:0 a.m.•90 views

Linux Kernel (Debian 78910 Fedora 232425 CentOS 5.35.116.06.87.2.1511) - ldso_hwcap Stack Clash Local Privilege Escalation

Linux Kernel Debian 78910 Fedora 232425 CentOS 5.35.116.06.87.2.1511 - ldsohwcap Stack Clash Local Privilege Escalation / Linuxldsohwcap.c for CVE-2017-1000366, CVE-2017-1000370 Copyright C 2017 Qualys, Inc. myimportanthwcaps adapted from elf/dl-hwcaps.c, part of the GNU C Library: Copyright C...

7.2CVSS0.6AI score0.06438EPSS

Exploits17

CNVD•added 2017/06/27 12:0 a.m.•1 views

Ocaml Privilege Vulnerability

OCaml is a general-purpose programming language. Ocaml is vulnerable to a power lifting vulnerability. The vulnerability stems from setting the CAMLCPLUGINS, CAMLNATIVECPLUGINS, or CAMLBYTECPLUGINS environment variable in a binary file labeled setuid, which can be exploited by an attacker to...

10CVSS7.4AI score0.00996EPSS

Exploits0References1

RedhatCVE•added 2017/06/26 9:20 a.m.•18 views

CVE-2017-9772

Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAMLCPLUGINS, CAMLNATIVECPLUGINS, or CAMLBYTECPLUGINS environment variable...

10CVSS7.3AI score0.00996EPSS

Exploits0References2

OSV•added 2017/06/23 8:29 p.m.•0 views

UBUNTU-CVE-2017-9772

9.8CVSS7.2AI score0.00996EPSS

Exploits0References3

NVD•added 2017/06/23 8:29 p.m.•24 views

CVE-2017-9772

10CVSS8.7AI score0.00996EPSS

Exploits0References4

Cvelist•added 2017/06/23 8:0 p.m.•24 views

CVE-2017-9772

8.7AI score0.00996EPSS

Exploits0References4

CVE•added 2017/06/23 8:0 p.m.•55 views

CVE-2017-9772

OCaml CVE-2017-9772: Insufficient sanitisation in OCaml compiler versions 4.04.0/4.04.1 allows local privilege escalation by setting CAML_CPLUGINS, CAML_NATIVE_CPLUGINS, or CAML_BYTE_CPLUGINS environment variables. Affected: OCaml compiler; impact: privilege escalation on setuid binaries. Remedia...

10CVSS8.5AI score0.00996EPSS

Exploits0References4Affected Software1

Debian CVE•added 2017/06/23 8:0 p.m.•15 views

CVE-2017-9772

10CVSS8.8AI score0.00996EPSS

Exploits0

OSV•added 2017/06/23 3:19 p.m.•1 views

OSEC-2017-01 Local privilege escalation issue with ocaml binaries

Description Insufficient sanitisation in the OCaml compiler versions 4.04.0 and 4.04.1 allows external code to be executed with raised privilege in binaries marked as setuid, by setting the CAMLCPLUGINS, CAMLNATIVECPLUGINS, or CAMLBYTECPLUGINS environment variable...

9.8CVSS5.6AI score0.00996EPSS

Exploits0References1

CNVD•added 2017/06/23 12:0 a.m.•2 views

Flatpak Local Elevation of Privilege Vulnerability

Flatpak is a system for building and installing Linux desktop applications. A local elevation of privilege vulnerability exists in versions of Flatpak prior to 0.8.7. A local attacker could exploit this vulnerability to run the setuid executable...

7.8CVSS6.8AI score0.00023EPSS

Exploits0References1

OSV•added 2017/06/21 3:29 p.m.•22 views

CVE-2017-9780

In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable or write to the...

7.8CVSS7.5AI score

Exploits0References4

OSV•added 2017/06/21 3:29 p.m.•0 views

UBUNTU-CVE-2017-9780

7.8CVSS7.1AI score0.00023EPSS

Exploits0References4