Lucene search
K

567 matches found

OSV
OSV
•added 2025/05/26 2:15 p.m.•4 views

ALPINE-CVE-2025-46804

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...

2CVSS6.6AI score0.00213EPSS
Exploits0References1
OSV
OSV
•added 2025/05/26 2:15 p.m.•5 views

CVE-2025-46804

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...

3.3CVSS6.7AI score0.00213EPSS
Exploits0References2
OSV
OSV
•added 2025/05/26 2:15 p.m.•1 views

DEBIAN-CVE-2025-46804

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...

2CVSS4.5AI score0.00213EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/05/26 1:31 p.m.•20 views

CVE-2025-46804 Screen 5.0.0 and older versions allow file existence tests when installed setuid-root

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...

3.3CVSS0.00213EPSS
Exploits0References2
CVE
CVE
•added 2025/05/26 1:31 p.m.•72 views

CVE-2025-46804

CVE-2025-46804 describes a local information-leak in GNU Screen when running with setuid-root privileges. The issue allows an unprivileged user to deduce information about a path that would otherwise be inaccessible. Affected are older Screen versions as well as version 5.0.0. The connected advis...

3.3CVSS3.9AI score0.00213EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2025/05/26 1:31 p.m.•10 views

CVE-2025-46804 Screen 5.0.0 and older versions allow file existence tests when installed setuid-root

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...

3.3CVSS4.4AI score0.00213EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2025/05/26 1:31 p.m.•10 views

CVE-2025-46804

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...

3.3CVSS4AI score0.00213EPSS
Exploits0
Cvelist
Cvelist
•added 2025/05/26 1:16 p.m.•25 views

CVE-2025-46805 Screen has a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root...

5.7CVSS0.00167EPSS
Exploits0References2
CVE
CVE
•added 2025/05/26 1:16 p.m.•81 views

CVE-2025-46805

CVE-2025-46805 is disclosed in multiple advisories tied to GNU Screen. The available documents confirm that: the affected component is the Screen package, with versions 5.0.0 and older version 4 releases. The root cause is a TOCTOU race condition that permits sending SIGHUP and SIGCONT to privile...

5.7CVSS5.3AI score0.00167EPSS
Exploits0References2
Vulnrichment
Vulnrichment
•added 2025/05/26 1:16 p.m.•5 views

CVE-2025-46805 Screen has a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root...

5.7CVSS6.7AI score0.00167EPSS
Exploits0References2
AlpineLinux
AlpineLinux
•added 2025/05/26 1:16 p.m.•10 views

CVE-2025-46805

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root...

5.7CVSS5.4AI score0.00167EPSS
Exploits0
RedhatCVE
RedhatCVE
•added 2025/05/22 7:29 p.m.•7 views

CVE-2021-26936

The replay-sorcery program in ReplaySorcery 0.4.0 through 0.5.0, when using the default setuid-root configuration, allows a local attacker to escalate privileges to root by specifying video output paths in privileged locations...

7.8CVSS6.8AI score0.00513EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2025/05/22 3:26 p.m.•3 views

CVE-2020-28010

Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small on some common platforms...

7.8CVSS7.7AI score0.00417EPSS
Exploits1
RedhatCVE
RedhatCVE
•added 2025/05/22 9:16 a.m.•8 views

CVE-2019-19544

CA Automic Dollar Universe 5.3.3 contains a vulnerability, related to the uxdqmsrv binary being setuid root, that allows local attackers to elevate privileges. This vulnerability was reported to CA several years after CA Automic Dollar Universe 5.3.3 reached End of Life EOL status on April 1, 201...

7.8CVSS6.7AI score0.00412EPSS
Exploits1References1
RedhatCVE
RedhatCVE
•added 2025/05/21 8:30 p.m.•7 views

CVE-2002-2023

The getparameterfromfreqencysource function in beep2 1.0, 1.1 and 1.2, when installed setuid root, allows local users to read arbitrary files via unknown attack vectors...

2.1CVSS6.7AI score0.00321EPSS
Exploits0References1
RedhatCVE
RedhatCVE
•added 2025/05/21 8:26 p.m.•8 views

CVE-2002-1896

Buffer overflow in Alsaplayer 0.99.71, when installed setuid root, allows local users to execute arbitrary code via a long 1 -f or 2 -o command line argument...

7.2CVSS7.9AI score0.01602EPSS
Exploits1References1
SUSE CVE
SUSE CVE
•added 2025/05/13 3:34 a.m.•3 views

SUSE CVE-2025-23395

Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with root ownership, the invoking user's real group ownership and file mode 0644. All data written to the...

7.8CVSS7.1AI score0.00201EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/05/13 3:33 a.m.•3 views

SUSE CVE-2025-46804

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...

3.3CVSS6.6AI score0.00213EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/05/13 3:33 a.m.•2 views

SUSE CVE-2025-46805

Screen version 5.0.0 and older version 4 releases have a TOCTOU race potentially allowing to send SIGHUP, SIGCONT to privileged processes when installed setuid-root...

5.7CVSS6.9AI score0.00167EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/05/08 12:0 a.m.•3 views

CVE-2025-46804

A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...

3.3CVSS5.8AI score0.00213EPSS
Exploits0References3
Rows per page
Query Builder