Astra Linux - уязвимость в wpa

A issue was discovered in Ubuntu wpasupplicant, resulting in the loading of arbitrary shared objects. This allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of wpasupplica...

Uncontrolled Search Path Element

Overview openssl-encrypt is an A package for secure file encryption and decryption based on modern ciphers using heavy-compute-load chaining of hashing and KDF to generate strong encryption password based on users provided password to ensure secure encryption of files Affected versions of this...

Fortinet FortiClient Link Following Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Fortinet FortiClient. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of...

📄 glibc 2.38 Buffer Overflow

This is a local privilege escalation exploit for CVE-2023-4911, also known as "Looney Tunables", caused by a buffer overflow in the glibc dynamic loader's environment variable parsing logic. The vulnerability is triggered by crafting a maliciously long GLIBCTUNABLES string which corrupts internal...

glibc 2.38 - Buffer Overflow

Exploit Title: glibc 2.38 - Buffer Overflow Google Dork: N/A Date: 2025-10-08 Exploit Author: Beatriz Fresno Naumova Vendor Homepage: https://www.gnu.org/software/libc/ Software Link: https://ftp.gnu.org/gnu/libc/glibc-2.35.tar.gz Version: glibc 2.35 specifically 2.35-0ubuntu3.3 on Ubuntu 22.04.3...

EUVD-2009-1305

Malware in sbrugna...

EUVD-2010-3835

Malware in sbrugna...

EUVD-2022-2052

Malicious code in bioql PyPI...

EUVD-2024-46526

Malicious code in bioql PyPI...

Sudo Chroot 1.9.17 Privilege Escalation

Sudo before version 1.19.17p1 allows user to use chroot option, when executing command. The option is intended to run a command with user-selected root directory if sudoers file allow it. Change in version 1.9.14 allows resolving paths via chroot using user-specified root directory when sudoers i...

📄 Sudo Chroot 1.9.17 Privilege Escalation

This Metasploit module exploits the chroot vulnerability in Sudo versions prior to 1.9.17p1. It allows the attacker to trick Sudo into loading an arbitrary shared object, thus resulting in a privilege escalation. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2020-2296

A cross-site request forgery CSRF vulnerability in Jenkins Shared Objects Plugin 0.44 and earlier allows attackers to configure shared objects...

CVE-2024-5290

A vulnerability was found in the wpasupplicant package. This flaw allows a local unprivileged user who is part of the netdev group to achieve privilege escalation to the same user running wpasupplicant typically root. Mitigation Mitigation for this issue is either not available or the currently...

CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

USN-6945-1 wpa vulnerability

Rory McNamara discovered that wpasupplicant could be made to load arbitrary shared objects by unprivileged users that have access to the control interface. An attacker could use this to escalate privileges to root...

CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

Exploit for CVE-2023-31497

EPScalate An elevation of privilege vulnerability in QuickHeal...

SUSE CVE-2009-1307

The view-source: URI implementation in Mozilla Firefox before 3.0.9, Thunderbird, and SeaMonkey does not properly implement the Same Origin Policy, which allows remote attackers to 1 bypass crossdomain.xml restrictions and connect to arbitrary web sites via a Flash file; 2 read, create, or modify...

SUSE CVE-2010-3856

ld.so in the GNU C Library aka glibc or libc6 before 2.11.3, and 2.12.x before 2.12.2, does not properly restrict use of the LDAUDIT environment variable to reference dynamic shared objects DSOs as audit objects, which allows local users to gain privileges by leveraging an unsafe DSO located in a...

SUSE CVE-2011-0536

Multiple untrusted search path vulnerabilities in elf/dl-object.c in certain modified versions of the GNU C Library aka glibc or libc6, including glibc-2.5-49.el55.6 and glibc-2.12-1.7.el60.3 in Red Hat Enterprise Linux, allow local users to gain privileges via a crafted dynamic shared object DSO...