CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3217 matches found

Prion•added 2015/05/27 10:59 a.m.•18 views

Race condition

Race condition in the preparebinprm function in fs/exec.c in the Linux kernel before 3.19.6 allows local users to gain privileges by executing a setuid program at a time instant when a chown to root is in progress, and the ownership is changed but the setuid bit is not yet stripped...

6.2CVSS6.8AI score0.00032EPSS

Exploits0References18Affected Software2

Cvelist•added 2015/05/27 10:0 a.m.•19 views

CVE-2015-3339

5.2AI score0.00032EPSS

Exploits0References18

Debian CVE•added 2015/05/27 10:0 a.m.•66 views

CVE-2015-3339

6.2CVSS6.7AI score0.00032EPSS

Exploits0

Packet Storm•added 2015/05/27 12:0 a.m.•41 views

hwclock Privilege Escalation

Hello, During a recent assessment I have stumbled across a system which had hwclock8 setuid root hwclock is a part of util-linux, all versions affected $ man hwclock | sed -n '223,231p' Users access and setuid Sometimes, you need to install hwclock setuid root. If you want users other than the...

0.5AI score

Exploits0

CERT•added 2015/05/26 12:0 a.m.•24 views

Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files

Overview The Synology Cloud Station sync client for OS X contains a setuid root executable that allows regular users to claim ownership of system files. Description CWE-276: Incorrect Default Permissions - CVE-2015-2851The Synology Cloud Station sync client for OS X contains an executable named...

6.8CVSS6.7AI score0.00412EPSS

Exploits0

OSV•added 2015/05/21 5:8 p.m.•2 views

USN-2609-1 apport vulnerabilities

Sander Bos discovered that Apport incorrectly handled permissions when the system was configured to generate core dumps for setuid binaries. A local attacker could use this issue to gain elevated privileges. CVE-2015-1324 Philip Pettersson discovered that Apport contained race conditions resultin...

7.8CVSS7.1AI score0.00522EPSS

Exploits3References3

OSV•added 2015/05/21 5:0 p.m.•3 views

UBUNTU-CVE-2015-1324

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root...

7.8CVSS7.2AI score0.00109EPSS

Exploits0References3

Tenable Nessus•added 2015/05/11 12:0 a.m.•11 views

Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-2597-2)

USN-2597-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. We apologize for the inconvenience. A race condition betwe...

5.5AI score

Exploits0References1

Tenable Nessus•added 2015/05/11 12:0 a.m.•11 views

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerability (USN-2599-2)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2599-2 advisory. USN-2599-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the...

5.6AI score

Exploits0References1

Ubuntu•added 2015/05/09 12:44 a.m.•51 views

USN-2600-2: Linux kernel regression

USN-2600-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. We apologize for the inconvenience. Original advisory...

5.4AI score

Exploits0References1

OSV•added 2015/05/09 12:40 a.m.•2 views

USN-2599-2 linux-lts-utopic vulnerability

USN-2599-1 fixed vulnerabilities in the Linux kernel, however an unrelated regression in the auditing of some path names was introduced. Due to the regression the system could crash under certain conditions. This update fixes the problem. We apologize for the inconvenience. Original advisory...

5.8AI score

Exploits0References2

Ubuntu•added 2015/05/08 11:56 p.m.•32 views

USN-2597-2: Linux kernel (Trusty HWE) regression

5.4AI score

Exploits0References1

Tenable Nessus•added 2015/05/06 12:0 a.m.•51 views

Ubuntu 14.04 LTS : Linux kernel (Utopic HWE) vulnerability (USN-2599-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2599-1 advisory. A race condition between chown and execve was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to...

6.2CVSS6.7AI score0.00032EPSS

Exploits0References2

Tenable Nessus•added 2015/05/06 12:0 a.m.•38 views

Ubuntu 14.04 LTS : Linux kernel vulnerability (USN-2598-1)

The remote Ubuntu 14.04 LTS host has a package installed that is affected by a vulnerability as referenced in the USN-2598-1 advisory. A race condition between chown and execve was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to...

6.2CVSS6.7AI score0.00032EPSS

Exploits0References2

OpenVAS•added 2015/05/06 12:0 a.m.•239 views

Ubuntu: Security Advisory (USN-2596-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS6.3AI score0.00032EPSS

Exploits0References2

Ubuntu•added 2015/05/05 10:40 p.m.•68 views

USN-2601-1: Linux kernel vulnerability