4730 matches found
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156: Sudo before 1.9.5p2 contains an off...
Qualys Research Wins Two 2021 Pwnie Awards
The Qualys Research team won two Pwnie Awards today at Black Hat USA 2021 for discovering and responsibly disclosing these new vulnerabilities: Best Privilege Escalation Bug and Most Under-Hyped Research. The Qualys Research team received these awards: Best Privilege Escalation Bug Heap-based...
Exploit for Out-of-bounds Write in Sudo_Project Sudo
CVE-2019-18634 N-Day Exploit Slides https://docs.googl...
Exploit for Incorrect Authorization in Polkit_Project Polkit
Polkit D-Bus Authentication Bypass Exploit A vulnerability...
Pi-Hole Remove Commands Linux Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Pi-Hole Remove Commands Linux Priv Esc', 'Description' = %q Pi-Hole versions 3.0 - 5.3 allows for command line input to the removecustomcname,...
Exploit for Off-by-one Error in Sudo_Project Sudo
CVE-2021-3156 PoC Introduction This is an exploit for the CV...
Unspecified Vulnerability in VIAware
Kramer Electronics VIAware is a wireless presentation collaboration software solution from Kramer Electronics, Israel. A security vulnerability exists in all tested versions of KramerAV VIAWare, which can be exploited by an attacker to elevate privileges via misconfigured sudo...
openSUSE: Security Advisory for avahi (openSUSE-SU-2021:1845-1)
The remote host is missing an update for the Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2021-35064
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg...
Design/Logic Flaw
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg...
CVE-2021-35064
Kramer VIAware (VIAware web interface) is affected by CVE-2021-35064 with concrete details in connected sources: misconfigured sudoers permissions grant privilege escalation by allowing dangerous commands (e.g., unzip, systemctl, dpkg), enabling possible remote code execution patterns. Nuclei tem...
CVE-2021-35064
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg...
CVE-2021-35064
KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg. Recent assessments: Assessed Attacker Value: 0...
PT-2021-20822
Name of the Vulnerable Software and Affected Versions KramerAV VIAWare affected versions not specified Description The software allows for privilege escalation due to improper sudo configuration. The sudoers file permits the execution of multiple dangerous commands, including unzip, systemctl, an...
VIAware Security Vulnerability
Kramer Electronics VIAware is a wireless presentation collaboration software solution from Kramer Electronics, Israel. A security vulnerability exists in all tested versions of KramerAV VIAWare, which can be exploited by an attacker to elevate privileges via misconfigured sudo...
Polkit D-Bus Authentication Bypass Exploit
A vulnerability exists within the polkit system service that can be leveraged by a local, unprivileged attacker to perform privileged operations. In order to leverage the vulnerability, the attacker invokes a method over D-Bus and kills the client process. This will occasionally cause the operati...
Polkit D-Bus Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'unixcrypt' class MetasploitModule 'Polkit D-Bus Authentication Bypass', 'Description' = %q A vulnerability exists within the polkit system service that can be...
CLSA-2021-1625650209 Fix of CVE: CVE-2021-23240
sudo-1.8.6p3-CVE-2021-23240-2.patch: fixed issue with credentials management in sudoedit - sudo-1.8.6p3-CVE-2021-23240-3.patch: fixed issue with origin file removal in sesh...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2021-2170)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation Vulnerability
Exploit Title: Visual Tools DVR VX16 4.2.28 - Local Privilege Escalation Exploit Author: Andrea D'Ubaldo Vendor Homepage: https://visual-tools.com/ Version: Visual Tools VX16 v4.2.28.0 Tested on: VX16 Embedded Linux 2.6.35.4. An attacker can perform a system-level root local privilege escalation...