
8 matches found

RedhatCVE
added 2025/12/18 9:34 p.m., 5 views

CVE-2025-67493

Homarr is an open-source dashboard. Prior to version 1.45.3, it was possible to craft an input which allowed privilege escalation and getting access to groups of other users due to missing sanitization of inputs in ldap search query. The vulnerability could impact all instances using ldap...

CVSS 9 | AI score 7.2 | EPSS 0.00071
Exploits 0 | References 1
Cvelist
added 2025/12/17 9:9 p.m., 24 views

CVE-2025-67493 Homarr: missing input sanitization and possible privilege escalation through ldap search query injection

Homarr is an open-source dashboard. Prior to version 1.45.3, it was possible to craft an input which allowed privilege escalation and getting access to groups of other users due to missing sanitization of inputs in ldap search query. The vulnerability could impact all instances using ldap...

CVSS 7.5 | EPSS 0.00071
Exploits 0 | References 1
OSV
added 2025/12/17 9:9 p.m., 3 views

CVE-2025-67493 Homarr: missing input sanitization and possible privilege escalation through ldap search query injection

Homarr is an open-source dashboard. Prior to version 1.45.3, it was possible to craft an input which allowed privilege escalation and getting access to groups of other users due to missing sanitization of inputs in ldap search query. The vulnerability could impact all instances using ldap...

CVSS 7.5 | AI score 7.1 | EPSS 0.00071
Exploits 0 | References 3
Vulnrichment
added 2025/12/17 9:9 p.m., 2 views

CVE-2025-67493 Homarr: missing input sanitization and possible privilege escalation through ldap search query injection

Homarr is an open-source dashboard. Prior to version 1.45.3, it was possible to craft an input which allowed privilege escalation and getting access to groups of other users due to missing sanitization of inputs in ldap search query. The vulnerability could impact all instances using ldap...

CVSS 7.5 | AI score 5.8 | EPSS 0.00071
Exploits 0 | References 1
EUVD
added 2025/12/17 9:9 p.m., 3 views

EUVD-2025-203997

Homarr is an open-source dashboard. Prior to version 1.45.3, it was possible to craft an input which allowed privilege escalation and getting access to groups of other users due to missing sanitization of inputs in ldap search query. The vulnerability could impact all instances using ldap...

CVSS 7.5 | AI score 6.7 | EPSS 0.00071
Exploits 0 | References 1
OSV
added 2024/04/12 8:33 p.m., 2 views

CVE-2024-32019 ndsudo: local privilege escalation via untrusted search path

Netdata is an open source observability tool. In affected versions the ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs with root permissions. The ndsudo tool is packaged as a root-owned executable with the SUID bit set. It only runs a...

CVSS 8.8 | AI score 6.8 | EPSS 0.00576
Exploits 15 | References 4
Positive Technologies
added 2024/04/12 12:0 a.m., 2 views

PT-2024-24358

Name of the Vulnerable Software and Affected Versions: Netdata versions prior to 1.45.3; Netdata versions prior to 1.45.2-169. Description: Netdata is an open source observability tool. The ndsudo tool shipped with affected versions of the Netdata Agent allows an attacker to run arbitrary programs wi...

CVSS 8.8 | AI score 8.5 | EPSS 0.00576
Exploits 15 | References 17
RedHat Linux
added 2020/04/28 4:3 p.m., 1 views

e2fsprogs: Crafted ext4 partition leads to out-of-bounds write

An exploitable code execution vulnerability exists in the quota file functionality of E2fsprogs 1.45.3. A specially crafted ext4 partition can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can corrupt a partition to trigger this vulnerability...

CVSS 7.5 | AI score 7.6 | EPSS 0.00378
Exploits 1 | References 5