Lucene search
K

487 matches found

Nuclei
Nuclei
added 2 days ago19 views

Kramer VIAware - Privilege Escalation and Remote Code Execution

Kramer VIAware, all tested versions, allow privilege escalation and remote code execution due to misconfigured sudo permissions. Attackers can execute arbitrary system commands remotely if the web interface is accessible, due to vulnerabilities in the handling of privileged operations through...

10CVSS7.6AI score0.70753EPSS
Exploits5References5
OSV
OSV
added 2026/07/02 8:23 p.m.2 views

GHSA-8W6W-23MQ-H8RG Linuxfabrik Monitoring Plugins: Sudoers may be able to obtain privilege escalation via /usr/bin/apt-get arguments

Summary In the Debian.sudoers file, apt-get is allowed for the nagios user. The full command including the arguments are not enforced and can therefore be choosen arbitrarily. This allows to easily get a root shell as the nagios user: PoC By choosing a particular argument, you can get as a nagios...

8.4CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/01 12:0 a.m.18 views

Malicious code in @redhat-cloud-services/remediations-client (npm)

Part of the "Mini Shai-Hulud" supply chain worm campaign that compromised the GitHub Actions OIDC trusted publisher shared by Red Hat Cloud Services npm packages. The attacker injected a preinstall hook into this and 31 other packages in the @redhat-cloud-services scope. The hook delivers a...

6.2AI score
Exploits0References2
GithubExploit
GithubExploit
added 2026/05/28 5:38 a.m.132 views

CIFSwitch

CIFSwitch CVE-2026-46243 Writeuphttps://heyitsas.im/post...

7.8CVSS5.8AI score0.00353EPSS
Exploits4
The Hacker News
The Hacker News
added 2026/05/19 2:56 p.m.17 views

DirtyDecrypt PoC Released for Linux Kernel CVE-2026-31635 LPE Vulnerability

Proof-of-concept PoC exploit code has now been released for a recently patched security flaw in the Linux kernel that could allow for local privilege escalation LPE. Dubbed DirtyDecrypt aka DirtyCBC, the vulnerability was discovered and reported by the Zellic and V12 security team on May 9, 2026,...

7.5CVSS5.9AI score0.00817EPSS
Exploits4
Fedora
Fedora
added 2026/04/25 1:59 a.m.9 views

[SECURITY] Fedora 44 Update: sudo-1.9.17-8.p2.fc44

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

7.8CVSS5.3AI score0.00173EPSS
Exploits0
Fedora
Fedora
added 2026/04/23 1:12 a.m.9 views

[SECURITY] Fedora 43 Update: sudo-1.9.17-7.p2.fc43

Sudo superuser do allows a system administrator to give certain users or groups of users the ability to run some or all commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict...

7.8CVSS5.3AI score0.00173EPSS
Exploits0
NVD
NVD
added 2026/04/03 10:16 p.m.14 views

CVE-2026-34990

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That...

7.8CVSS0.00289EPSS
Exploits1References1
OSV
OSV
added 2026/04/03 10:16 p.m.30 views

UBUNTU-CVE-2026-34990

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That...

7.8CVSS5.9AI score0.00289EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/04/03 9:14 p.m.7 views

CVE-2026-34990

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That...

7.8CVSS5.9AI score0.00289EPSS
Exploits1
EUVD
EUVD
added 2026/04/03 9:14 p.m.5 views

EUVD-2026-18889

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That...

5CVSS6AI score0.00289EPSS
Exploits1References1
CVE
CVE
added 2026/04/03 9:14 p.m.41 views

CVE-2026-34990

OpenPrinting CUPS (OpenPrinting CUPS) CVE-2026-34990 affects versions 2.4.16 and earlier. A local unprivileged user can coerce cupsd to authenticate to an attacker-controlled localhost IPP service using a reusable Authorization: Local token, enabling /admin/ requests on localhost. By combining CU...

7.8CVSS6AI score0.00289EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/03 9:14 p.m.3 views

CVE-2026-34990 OpenPrinting CUPS: Local print admin token disclosure using temporary printers

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That...

5CVSS6.2AI score0.00289EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/04/03 9:14 p.m.7 views

CVE-2026-34990

OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, a local unprivileged user can coerce cupsd into authenticating to an attacker-controlled localhost IPP service with a reusable Authorization: Local ... token. That...

5CVSS6AI score0.00289EPSS
Exploits1References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/03/17 12:0 a.m.7 views

EulerOS Virtualization 2.12.1 : sudo (EulerOS-SA-2026-1465)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed user...

8.8CVSS7AI score0.03239EPSS
Exploits76References2
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.8 views

EulerOS Virtualization 2.12.0 : sudo (EulerOS-SA-2026-1522)

According to the versions of the sudo package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Sudo before 1.9.17p1, when used with a sudoers file that specifies a host that is neither the current host nor ALL, allows listed user...

8.8CVSS7AI score0.03239EPSS
Exploits76References2
GithubExploit
GithubExploit
added 2026/02/18 9:26 a.m.394 views

Exploit for CVE-2025-4517

This script is a weaponized version of the research published in...

9.4CVSS5.7AI score0.02203EPSS
Exploits12
GithubExploit
GithubExploit
added 2026/02/16 1:31 p.m.323 views

Exploit for CVE-2025-4138

CVE-2025-4138 Auto-Sudo Generator A Python script to generate...

9.4CVSS5.8AI score0.01227EPSS
Exploits14
RedhatCVE
RedhatCVE
added 2026/02/06 1:25 a.m.10 views

CVE-2026-25499

Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...

8.7CVSS5.3AI score0.00431EPSS
Exploits1References1
NVD
NVD
added 2026/02/04 9:16 p.m.9 views

CVE-2026-25499

Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been...

8.7CVSS0.00431EPSS
Exploits1References2
Rows per page
Query Builder