Lucene search

8 matches found

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-39008

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.6 | EPSS 0.01417
Exploits: 1 | References: 6
Cvelist
added 2025/06/26 9:25 a.m. | 6 views

CVE-2024-11584

cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...

CVSS 5.9 | EPSS 0.00122
Exploits: 0 | References: 2
RedhatCVE
added 2025/05/23 12:58 a.m. | 8 views

CVE-2022-31136

Bookwyrm is an open source social reading and reviewing program. Versions of Bookwyrm prior to 0.4.1 did not properly sanitize html being rendered to users. Unprivileged users are able to inject scripts into user profiles, book descriptions, and statuses. These vulnerabilities may be exploited as...

CVSS 6.3 | AI score 6.3 | EPSS 0.00493
Exploits: 0 | References: 1
RedHat Linux
added 2024/02/01 12:39 p.m. | 1 views

rpm: races with chown/chmod/capabilities calls during installation

A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system...

CVSS 6.7 | AI score 7.1 | EPSS 0.00491
Exploits: 1 | References: 5
OSV
added 2022/08/26 4:15 p.m. | 6 views

CVE-2021-3864

A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a...

CVSS 7 | AI score 6.4 | EPSS 0.00725
Exploits: 1 | References: 7
OSV
added 2019/02/13 11:8 a.m. | 4 views

MGASA-2019-0063 Updated cinnamon packages fix security vulnerability

A flaw was found in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of for example other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face locatio...

CVSS 8.1 | AI score 7.9 | EPSS 0.02201
Exploits: 0 | References: 4
securityvulns
added 2004/08/12 12:0 a.m. | 32 views

ISS BlackIce Server Protect Unprivileged User Attack

Release Date: August 11, 2004; Severity: Medium; Vendor: Internet Security Systems; Software: BlackIce Server Protect 3.6cno and below; Remote: Remotely Executable from Local and Trusted Networks; Vulnerabilities: Unprivileged User Attack; Technical Details: Unprivileged User Attack was originally...

AI score 6.7
Exploits: 0
securityvulns
added 2004/08/12 12:0 a.m. | 29 views

BlackICE unprivileged local user attack

Pimp industries. "Its all about the Bling, B^!@s and Fame!" BlackICE PC protection / Server Protection Tested on version v3.6.cno Unprivileged local user disabling anyone from using BlackICE C Paul Craig - Pimp Industries 2004 Background ------------- Blackice is a firewall developed by ISS,...

AI score 0.5
Exploits: 0