Lucene search
K

23 matches found

OSV
OSV
added 2025/11/10 6:51 p.m.6 views

CLSA-2025-1762800667 Fix CVE(s): CVE-2021-44038

SECURITY UPDATE: Unsafe chown/chmod operations in .service files - debian/patches/CVE-2021-44038.patch: remove chown/chmod commands from the .service files - CVE-2021-44038...

7.8CVSS7.1AI score0.00761EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-24103

Malware in sbrugna...

7.8CVSS7.5AI score0.0041EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 3:36 a.m.3 views

SUSE CVE-2021-44038

An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users with control of the non-root-owned directory /etc/quagga to escalate their privileges to root upon package installation or update...

7.8CVSS8.4AI score0.00761EPSS
Exploits1References3
Prion
Prion
added 2023/01/26 9:15 p.m.12 views

Hardcoded credentials

uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...

4.3CVSS7.7AI score0.0041EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2023/01/26 9:15 p.m.5 views

UBUNTU-CVE-2020-36657

uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...

7.8CVSS7.1AI score0.0041EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/01/25 12:0 a.m.3 views

PT-2023-11825 · Uptime · Uptimed

Name of the Vulnerable Software and Affected Versions: uptimed versions prior to 0.4.6-r1 Description: The issue allows local users with access to the uptimed user account to gain root privileges. This is achieved by creating a hard link within the /var/spool/uptimed directory, taking advantage o...

7.8CVSS6.9AI score0.0041EPSS
Exploits1References9
Vulnrichment
Vulnrichment
added 2023/01/25 12:0 a.m.4 views

CVE-2020-36657

uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...

7.2AI score0.0041EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/01/25 12:0 a.m.27 views

CVE-2020-36657

uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...

7.7AI score0.0041EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2023/01/25 12:0 a.m.14 views

CVE-2020-36657

uptimed before 0.4.6-r1 on Gentoo allows local users with access to the uptimed user account to gain root privileges by creating a hard link within the /var/spool/uptimed directory, because there is an unsafe chown -R call...

7.8CVSS7.6AI score0.0041EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/11/22 12:0 a.m.18 views

Quagga <= 1.2.4 Privilege Escalation Vulnerability

Quagga is prone to a privilege escalation vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you...

7.8CVSS7.8AI score0.00761EPSS
Exploits1References1
OSV
OSV
added 2021/11/19 7:15 p.m.5 views

AZL-7336 CVE-2021-44038 affecting package quagga 1.2.4-15

An issue was discovered in Quagga through 1.2.4. Unsafe chown/chmod operations in the suggested spec file allow users with control of the non-root-owned directory /etc/quagga to escalate their privileges to root upon package installation or update...

7.8CVSS7.1AI score0.00761EPSS
Exploits1References1
UbuntuCve
UbuntuCve
added 2020/02/04 5:15 p.m.58 views

CVE-2020-7221

mysqlinstalldb in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of authpamtooldir/authpamtool. NOTE: this does not affect the Oracle MySQL product,...

7.8CVSS7AI score0.0067EPSS
Exploits1References4
OSV
OSV
added 2020/02/04 5:15 p.m.4 views

UBUNTU-CVE-2020-7221

mysqlinstalldb in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of authpamtooldir/authpamtool. NOTE: this does not affect the Oracle MySQL product,...

7.8CVSS7AI score0.0067EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2018/01/04 12:0 a.m.38 views

RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.0.9 security update on RHEL 6 (Important) (RHSA-2018:0002)

"The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0002 advisory. Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Re...

9.8CVSS6.7AI score0.91896EPSS
Exploits11References20
RedHat Linux
RedHat Linux
added 2018/01/03 10:49 a.m.2 views

jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

7.8CVSS7.3AI score0.00366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/01/03 10:31 a.m.4 views

jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

7.8CVSS7.3AI score0.00366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2018/01/03 10:30 a.m.6 views

jboss: unsafe chown of server.log in jboss init script allows privilege escalation (Incomplete fix for CVE-2016-8656)

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

7.8CVSS7.3AI score0.00366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/12/13 5:57 p.m.5 views

jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

7.8CVSS7.3AI score0.00366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/12/13 5:48 p.m.5 views

jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

7.8CVSS7.3AI score0.00366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/03/22 5:52 p.m.3 views

jboss: jbossas: unsafe chown of server.log in jboss init script allows privilege escalation

It was discovered that the jboss init script performed unsafe file handling which could result in local privilege escalation...

7.8CVSS7.3AI score0.00366EPSS
Exploits0References4
Rows per page
Query Builder