CVE-2026-29121 `/sbin/ip` Binary given SETUID Permissions on IDC SFX2100 Leading to Potential LPE

International Data Casting IDC SFX2100 satellite receiver comes with the /sbin/ip utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who can execute the binary. A local actor is able to use the GTFObins resource to preform privileged file...

CVE-2026-29121

International Data Casting IDC SFX2100 satellite receiver comes with the /sbin/ip utility installed with the setuid bit set. This configuration grants elevated privileges to any local user who can execute the binary. A local actor is able to use the GTFObins resource to preform privileged file...

PT-2026-23098

Name of the Vulnerable Software and Affected Versions IDC SFX2100 satellite receiver affected versions not specified Description The /sbin/ip utility is installed with the setuid bit set on the IDC SFX2100 satellite receiver. This configuration allows any local user who can execute the binary to...

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device from the International Datacasting company. The International Datacasting SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from the...

PT-2026-23120

Name of the Vulnerable Software and Affected Versions International Data Casting IDC SFX2100 Satellite Receiver affected versions not specified Description Multiple SUID root-owned binaries are present in the following directories: /home/monitor/terminal, /home/monitor/kore-terminal,...

PT-2026-23099

Name of the Vulnerable Software and Affected Versions IDC SFX2100 satellite receiver affected versions not specified Description The IDC SFX2100 satellite receiver includes the /bin/date utility installed with the setuid bit set. This configuration allows any local user who can execute the binary...

International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device from the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from the setuid bit being set for t...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005482)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005482 advisory. A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernels OverlayFS...

EulerOS Virtualization 2.10.0 : systemd (EulerOS-SA-2026-1200)

According to the versions of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: glibc (UTSA-2026-005215)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005215 advisory. Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library...

Unity Linux 20.1070e Security Update: screen (UTSA-2026-005208)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005208 advisory. Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root...

Ubuntu 22.04 LTS / 24.04 LTS : GNU Screen vulnerabilities (USN-7978-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7978-1 advisory. It was discovered that GNU Screen incorrectly handled signals when setuid or setgid privileges were being used, which is not the default in...

Ubuntu: Security Advisory (USN-7978-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7978-1 screen vulnerabilities

It was discovered that GNU Screen incorrectly handled signals when setuid or setgid privileges were being used, which is not the default in Ubuntu. A local attacker could use this issue to send privileged signals, possibly leading to a denial of service. This issue only affected Ubuntu 22.04 LTS...

Unity Linux 20.1070e Security Update: systemd (UTSA-2026-004962)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004962 advisory. A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the...

Linux Kernel Integer Overflow Vulnerability

Linux Kernel contains an integer overflow vulnerability in the createelftables function which could allow an unprivileged local user with access to SUID or otherwise privileged binary to escalate their privileges on the system...

MiracleLinux 9 : nodejs:20 (AXSA:2024-7667:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7667:01 advisory. nodejs: vulnerable to timing variant of the Bleichenbacher attack against PKCS1 v1.5 padding Marvin CVE-2023-46809 nodejs: reading unprocessed HTTP...

MiracleLinux 8 : systemd-239-68.el8.4 (AXSA:2023-5147:05)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5147:05 advisory. systemd: local information leak due to systemd-coredump not respecting fs.suiddumpable kernel setting CVE-2022-4415 Tenable has extracted the preceding...

MiracleLinux 7 : glibc-2.17-317.el7 (AXSA:2020-551:04)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-551:04 advisory. glibc: LDPREFERMAP32BITEXEC not ignored in setuid binaries CVE-2019-19126 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 8 : glibc-2.28-101.el8 (AXSA:2020-376:03)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-376:03 advisory. glibc: LDPREFERMAP32BITEXEC not ignored in setuid binaries CVE-2019-19126 Tenable has extracted the preceding description block directly from the MiracleLinux...