CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2005-3149

Malware in sbrugna...

4.6CVSS6.1AI score0.00101EPSS

Exploits0References15

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-30349

Malicious code in bioql PyPI...

8.4CVSS7.6AI score0.00127EPSS

Exploits0References1

OSV•added 2005/10/05 10:2 p.m.•4 views

CVE-2005-3149

Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIMVANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which allows local users to gain privileges...

6.3AI score

Exploits0References14

Gentoo Linux•added 2005/02/28 12:0 a.m.•19 views

uim: Privilege escalation vulnerability

Background uim is a simple, secure and flexible input method library. Description Takumi Asaki discovered that uim insufficiently checks environment variables. setuid/setgid applications linked against libuim could end up executing arbitrary code. This vulnerability only affects immodule-enabled ...

4.6CVSS7.2AI score0.00068EPSS

Exploits0

Tenable Nessus•added 2005/02/25 12:0 a.m.•23 views

Mandrake Linux Security Advisory : uim (MDKSA-2005:046)

Takumi ASAKI discovered that uim always trusts environment variables which can allow a local attacker to obtain elevated privileges when libuim is linked against an suid/sgid application. This problem is only exploitable in 'immodule for Qt' enabled Qt applications. The updated packages are patch...

4.6CVSS5.4AI score0.00068EPSS

Exploits0References2

securityvulns•added 2005/02/22 12:0 a.m.•29 views

[SA13981] uim Environment Variable Trust Privilege Escalation

TITLE: uim Environment Variable Trust Privilege Escalation SECUNIA ADVISORY ID: SA13981 VERIFY ADVISORY: http://secunia.com/advisories/13981/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system SOFTWARE: uim 0.x http://secunia.com/product/4680/ DESCRIPTION: Takumi Asaki has...

0.8AI score

Exploits0

NVD•added 2005/02/21 5:0 a.m.•17 views

CVE-2005-0503

uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges...

4.6CVSS6.4AI score0.00068EPSS

Exploits0References4

Cvelist•added 2005/02/21 5:0 a.m.•18 views

CVE-2005-0503

uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges...

6.2AI score0.00068EPSS

Exploits0References4

OSV•added 2005/02/21 5:0 a.m.•6 views

CVE-2005-0503

uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges...

6.6AI score

Exploits0References6

OSV•added 2005/02/21 5:0 a.m.•2 views

DEBIAN-CVE-2005-0503

uim before 0.4.5.1 trusts certain environment variables when libUIM is used in setuid or setgid applications, which allows local users to gain privileges...

4.6CVSS6.5AI score0.00068EPSS

Exploits0References1

FreeBSD•added 2005/02/21 12:0 a.m.•22 views

uim -- privilege escalation vulnerability

The uim developers reports: Takumi ASAKI discovered that uim always trusts environment variables. But this is not correct behavior, sometimes environment variables shouldn't be trusted. This bug causes privilege escalation when libuim is linked against setuid/setgid application. Since GTK+...

4.6CVSS6.6AI score0.00068EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by