41 matches found
CVE-2026-0073
In adbdtlsverifycert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote proximal/adjacent code execution as the shell user with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-0091
In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0091
In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
ASB-A-438742644
In multiple locations, there is a possible way to execute code in the launcher process due to an over-privileged shell user. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Google Android ADB Authentication Bypass Vulnerability
Android is an open source mobile operating system developed by Google, widely used in smartphones, tablets, smart TVs, cars and various IoT devices, providing core capabilities such as application operation, device management, network communication, debugging and security control, etc. Android...
CVE-2026-0073
In adbdtlsverifycert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote proximal/adjacent code execution as the shell user with no additional execution privileges needed. User interaction is not needed for...
CVE-2026-0073
In adbdtlsverifycert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote proximal/adjacent code execution as the shell user with no additional execution privileges needed. User interaction is not needed for...
Google Android 安全漏洞
Android is an open source mobile operating system developed by Google, widely used in smartphones, tablets, smart TVs, cars and various IoT devices, providing core capabilities such as application operation, device management, network communication, debugging and security control, etc. Android...
PT-2026-36889
Name of the Vulnerable Software and Affected Versions Android versions 14 through 16 Description A logic error in the adbd tls verify cert function within auth.cpp of the Android Debug Bridge ADB daemon allows a bypass of wireless ADB mutual authentication. The issue stems from a type confusion...
ASB-A-469080888
In adbdtlsverifycert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote proximal/adjacent code execution as the shell user with no additional execution privileges needed. User interaction is not needed for...
CVE-2024-58273
Nagios Log Server versions prior to 2024R1.0.2 contain a local privilege escalation vulnerability that allows an attacker who could execute commands as the Apache web user or the backend shell user to escalate to root on the host...
EUVD-2024-55060
Nagios Log Server versions prior to 2024R1.0.2 contain a local privilege escalation vulnerability that allows an attacker who could execute commands as the Apache web user or the backend shell user to escalate to root on the host...
CVE-2024-58273 Nagios Log Server < 2024R1.0.2 LPE from Apache/Backend Shell User to Root
Nagios Log Server versions prior to 2024R1.0.2 contain a local privilege escalation vulnerability that allows an attacker who could execute commands as the Apache web user or the backend shell user to escalate to root on the host...
CVE-2024-58273
CVE-2024-58273 affects Nagios Log Server prior to 2024R1.0.2. The vulnerability enables local privilege escalation when an attacker can run commands as the Apache web user (or backend shell user), escalating to root on the host. Red Hat and related sources corroborate the LPE exposure in affected...
Nagios Log Server 安全漏洞
Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A security vulnerability exists in Nagios Log Server versions prior to 2024R1.0.2, which originates from an Apache web user or back-end shell user executable command that could result i...
PT-2025-44509
Name of the Vulnerable Software and Affected Versions Nagios Log Server versions prior to 2024R1.0.2 Description The software contains a local privilege escalation issue. An attacker with the ability to execute commands as the Apache web user or the backend shell user can gain root access on the...
EUVD-2017-15835
Malware in sbrugna...
BIT-NIFI-2022-33140 Improper Neutralization of Command Elements in Shell User Group Provider
The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the...
CVE-2020-11847
SSH authenticated user when access the PAM server can execute an OS command to gain the full system access using bash. This issue affects Privileged Access Manager before 3.7.0.1...
CVE-2022-33140
The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the...