Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-2444

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-14 May, 2007 | 21:00
Updated At-07 Aug, 2024 | 13:42
Rejected At-
Credits

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:14 May, 2007 | 21:00
Updated At:07 Aug, 2024 | 13:42
Rejected At:
â–¼CVE Numbering Authority (CNA)

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://security.gentoo.org/glsa/glsa-200705-15.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/25289
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/1805
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/25772
third-party-advisory
x_refsource_SECUNIA
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
vendor-advisory
x_refsource_OPENPKG
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/25270
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/archive/1/468670/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://www.vupen.com/english/advisories/2007/2281
vdb-entry
x_refsource_VUPEN
http://www.vupen.com/english/advisories/2007/2210
vdb-entry
x_refsource_VUPEN
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
vendor-advisory
x_refsource_HP
http://www.trustix.org/errata/2007/0017/
vendor-advisory
x_refsource_TRUSTIX
http://www.securitytracker.com/id?1018049
vdb-entry
x_refsource_SECTRACK
http://www.ubuntu.com/usn/usn-460-1
vendor-advisory
x_refsource_UBUNTU
http://securityreason.com/securityalert/2701
third-party-advisory
x_refsource_SREASON
http://secunia.com/advisories/25241
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/25256
third-party-advisory
x_refsource_SECUNIA
https://issues.rpath.com/browse/RPL-1366
x_refsource_CONFIRM
http://secunia.com/advisories/25259
third-party-advisory
x_refsource_SECUNIA
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
vendor-advisory
x_refsource_SLACKWARE
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
vendor-advisory
x_refsource_SUNALERT
http://www.debian.org/security/2007/dsa-1291
vendor-advisory
x_refsource_DEBIAN
http://www.securityfocus.com/archive/1/468548/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
vendor-advisory
x_refsource_HP
http://secunia.com/advisories/25232
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/25251
third-party-advisory
x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
vendor-advisory
x_refsource_SUNALERT
http://www.ubuntu.com/usn/usn-460-2
vendor-advisory
x_refsource_UBUNTU
http://secunia.com/advisories/25246
third-party-advisory
x_refsource_SECUNIA
http://osvdb.org/34698
vdb-entry
x_refsource_OSVDB
http://secunia.com/advisories/25255
third-party-advisory
x_refsource_SECUNIA
http://www.samba.org/samba/security/CVE-2007-2444.html
x_refsource_CONFIRM
http://www.securityfocus.com/bid/23974
vdb-entry
x_refsource_BID
http://secunia.com/advisories/25675
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://security.gentoo.org/glsa/glsa-200705-15.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/25289
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/1805
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/25772
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
Resource:
vendor-advisory
x_refsource_OPENPKG
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/25270
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/archive/1/468670/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://www.vupen.com/english/advisories/2007/2281
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.vupen.com/english/advisories/2007/2210
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://www.trustix.org/errata/2007/0017/
Resource:
vendor-advisory
x_refsource_TRUSTIX
Hyperlink: http://www.securitytracker.com/id?1018049
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://www.ubuntu.com/usn/usn-460-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://securityreason.com/securityalert/2701
Resource:
third-party-advisory
x_refsource_SREASON
Hyperlink: http://secunia.com/advisories/25241
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/25256
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://issues.rpath.com/browse/RPL-1366
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/25259
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.debian.org/security/2007/dsa-1291
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://www.securityfocus.com/archive/1/468548/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Resource:
vendor-advisory
x_refsource_HP
Hyperlink: http://secunia.com/advisories/25232
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/25251
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.ubuntu.com/usn/usn-460-2
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://secunia.com/advisories/25246
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://osvdb.org/34698
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://secunia.com/advisories/25255
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.samba.org/samba/security/CVE-2007-2444.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/23974
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/25675
Resource:
third-party-advisory
x_refsource_SECUNIA
â–¼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://security.gentoo.org/glsa/glsa-200705-15.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/25289
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/1805
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/25772
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
vendor-advisory
x_refsource_OPENPKG
x_transferred
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/25270
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/archive/1/468670/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://www.vupen.com/english/advisories/2007/2281
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.vupen.com/english/advisories/2007/2210
vdb-entry
x_refsource_VUPEN
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
vendor-advisory
x_refsource_HP
x_transferred
http://www.trustix.org/errata/2007/0017/
vendor-advisory
x_refsource_TRUSTIX
x_transferred
http://www.securitytracker.com/id?1018049
vdb-entry
x_refsource_SECTRACK
x_transferred
http://www.ubuntu.com/usn/usn-460-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://securityreason.com/securityalert/2701
third-party-advisory
x_refsource_SREASON
x_transferred
http://secunia.com/advisories/25241
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/25256
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://issues.rpath.com/browse/RPL-1366
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/25259
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
vendor-advisory
x_refsource_SLACKWARE
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.debian.org/security/2007/dsa-1291
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://www.securityfocus.com/archive/1/468548/100/0/threaded
mailing-list
x_refsource_BUGTRAQ
x_transferred
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
vendor-advisory
x_refsource_HP
x_transferred
http://secunia.com/advisories/25232
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/25251
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.ubuntu.com/usn/usn-460-2
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://secunia.com/advisories/25246
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://osvdb.org/34698
vdb-entry
x_refsource_OSVDB
x_transferred
http://secunia.com/advisories/25255
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.samba.org/samba/security/CVE-2007-2444.html
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/23974
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/25675
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://security.gentoo.org/glsa/glsa-200705-15.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/25289
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/1805
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/25772
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
Resource:
vendor-advisory
x_refsource_OPENPKG
x_transferred
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/25270
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/468670/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2281
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/2210
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://www.trustix.org/errata/2007/0017/
Resource:
vendor-advisory
x_refsource_TRUSTIX
x_transferred
Hyperlink: http://www.securitytracker.com/id?1018049
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-460-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://securityreason.com/securityalert/2701
Resource:
third-party-advisory
x_refsource_SREASON
x_transferred
Hyperlink: http://secunia.com/advisories/25241
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/25256
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-1366
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/25259
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.debian.org/security/2007/dsa-1291
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://www.securityfocus.com/archive/1/468548/100/0/threaded
Resource:
mailing-list
x_refsource_BUGTRAQ
x_transferred
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Resource:
vendor-advisory
x_refsource_HP
x_transferred
Hyperlink: http://secunia.com/advisories/25232
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/25251
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-460-2
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://secunia.com/advisories/25246
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://osvdb.org/34698
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://secunia.com/advisories/25255
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.samba.org/samba/security/CVE-2007-2444.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/23974
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/25675
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:14 May, 2007 | 21:19
Updated At:23 Apr, 2026 | 00:35

Logic error in the SID/Name translation functionality in smbd in Samba 3.0.23d through 3.0.25pre2 allows local users to gain temporary privileges and execute SMB/CIFS protocol operations via unspecified vectors that cause the daemon to transition to the root user.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches

Samba
samba
>>samba>>3.0.23d
cpe:2.3:a:samba:samba:3.0.23d:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.24
cpe:2.3:a:samba:samba:3.0.24:*:*:*:*:*:*:*
Samba
samba
>>samba>>3.0.25
cpe:2.3:a:samba:samba:3.0.25:pre2:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>4.0
cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>5.0
cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.06
cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>6.10
cpe:2.3:o:canonical:ubuntu_linux:6.10:*:*:*:*:*:*:*
Canonical Ltd.
canonical
>>ubuntu_linux>>7.04
cpe:2.3:o:canonical:ubuntu_linux:7.04:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-269Primarynvd@nist.gov
CWE ID: CWE-269
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

Organization : Red Hat
Last Modified : 2007-05-15T00:00:00

Not vulnerable. These issues did not affect the versions of Samba as shipped with Red Hat Enterprise Linux 2.1, 3, 4, or 5.

References
HyperlinkSourceResource
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980secalert@redhat.com
Broken Link
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.htmlsecalert@redhat.com
Mailing List
Third Party Advisory
http://osvdb.org/34698secalert@redhat.com
Broken Link
http://secunia.com/advisories/25232secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25241secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25246secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25251secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25255secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25256secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25259secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25270secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25289secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25675secalert@redhat.com
Third Party Advisory
http://secunia.com/advisories/25772secalert@redhat.com
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200705-15.xmlsecalert@redhat.com
Third Party Advisory
http://securityreason.com/securityalert/2701secalert@redhat.com
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906secalert@redhat.com
Mailing List
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1secalert@redhat.com
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1secalert@redhat.com
Broken Link
http://www.debian.org/security/2007/dsa-1291secalert@redhat.com
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104secalert@redhat.com
Broken Link
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.htmlsecalert@redhat.com
Third Party Advisory
http://www.samba.org/samba/security/CVE-2007-2444.htmlsecalert@redhat.com
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/468548/100/0/threadedsecalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/468670/100/0/threadedsecalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/23974secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018049secalert@redhat.com
Third Party Advisory
VDB Entry
http://www.trustix.org/errata/2007/0017/secalert@redhat.com
Broken Link
http://www.ubuntu.com/usn/usn-460-1secalert@redhat.com
Third Party Advisory
http://www.ubuntu.com/usn/usn-460-2secalert@redhat.com
Third Party Advisory
http://www.vupen.com/english/advisories/2007/1805secalert@redhat.com
Permissions Required
http://www.vupen.com/english/advisories/2007/2210secalert@redhat.com
Permissions Required
http://www.vupen.com/english/advisories/2007/2281secalert@redhat.com
Permissions Required
https://issues.rpath.com/browse/RPL-1366secalert@redhat.com
Broken Link
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://lists.suse.com/archive/suse-security-announce/2007-May/0006.htmlaf854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://osvdb.org/34698af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://secunia.com/advisories/25232af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25241af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25246af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25251af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25255af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25256af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25259af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25270af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25289af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25675af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://secunia.com/advisories/25772af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://security.gentoo.org/glsa/glsa-200705-15.xmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://securityreason.com/securityalert/2701af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906af854a3a-2127-422b-91ae-364da2661108
Mailing List
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.debian.org/security/2007/dsa-1291af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDKSA-2007:104af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.samba.org/samba/security/CVE-2007-2444.htmlaf854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.securityfocus.com/archive/1/468548/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securityfocus.com/archive/1/468670/100/0/threadedaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/23974af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1018049af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.trustix.org/errata/2007/0017/af854a3a-2127-422b-91ae-364da2661108
Broken Link
http://www.ubuntu.com/usn/usn-460-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.ubuntu.com/usn/usn-460-2af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.vupen.com/english/advisories/2007/1805af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2007/2210af854a3a-2127-422b-91ae-364da2661108
Permissions Required
http://www.vupen.com/english/advisories/2007/2281af854a3a-2127-422b-91ae-364da2661108
Permissions Required
https://issues.rpath.com/browse/RPL-1366af854a3a-2127-422b-91ae-364da2661108
Broken Link
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://osvdb.org/34698
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/25232
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25241
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25246
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25251
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25255
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25256
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25259
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25270
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25289
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25675
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25772
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200705-15.xml
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://securityreason.com/securityalert/2701
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
Source: secalert@redhat.com
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://www.debian.org/security/2007/dsa-1291
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.samba.org/samba/security/CVE-2007-2444.html
Source: secalert@redhat.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/468548/100/0/threaded
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/archive/1/468670/100/0/threaded
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/23974
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1018049
Source: secalert@redhat.com
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.trustix.org/errata/2007/0017/
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://www.ubuntu.com/usn/usn-460-1
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-460-2
Source: secalert@redhat.com
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/1805
Source: secalert@redhat.com
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2007/2210
Source: secalert@redhat.com
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2007/2281
Source: secalert@redhat.com
Resource:
Permissions Required
Hyperlink: https://issues.rpath.com/browse/RPL-1366
Source: secalert@redhat.com
Resource:
Broken Link
Hyperlink: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c01078980
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://lists.suse.com/archive/suse-security-announce/2007-May/0006.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://osvdb.org/34698
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://secunia.com/advisories/25232
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25241
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25246
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25251
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25255
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25256
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25259
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25270
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25289
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25675
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/25772
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://security.gentoo.org/glsa/glsa-200705-15.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://securityreason.com/securityalert/2701
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2007&m=slackware-security.475906
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Mailing List
Third Party Advisory
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-200588-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.debian.org/security/2007/dsa-1291
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2007:104
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.openpkg.com/security/advisories/OpenPKG-SA-2007.012.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.samba.org/samba/security/CVE-2007-2444.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.securityfocus.com/archive/1/468548/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/archive/1/468670/100/0/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/23974
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1018049
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.trustix.org/errata/2007/0017/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link
Hyperlink: http://www.ubuntu.com/usn/usn-460-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.ubuntu.com/usn/usn-460-2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/1805
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2007/2210
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: http://www.vupen.com/english/advisories/2007/2281
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Permissions Required
Hyperlink: https://issues.rpath.com/browse/RPL-1366
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Broken Link

Change History

0
Information is not available yet

Similar CVEs

650Records found

CVE-2019-19807
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.55% / 42.00%
||
7 Day CHG~0.00%
Published-15 Dec, 2019 | 22:59
Updated-05 Aug, 2024 | 02:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related to snd_timer_open and snd_timer_close_locked. The timeri variable was originally intended to be for a newly created timer instance, but was used for a different purpose after refactoring.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-416
Use After Free
CVE-2019-1999
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-8
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.79% / 51.70%
||
7 Day CHG~0.00%
Published-28 Feb, 2019 | 17:00
Updated-17 Sep, 2024 | 03:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025196.

Action-Not Available
Vendor-Canonical Ltd.AndroidGoogle LLCDebian GNU/Linux
Product-androiddebian_linuxubuntu_linuxAndroid
CWE ID-CWE-415
Double Free
CVE-2007-2839
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.77% / 51.24%
||
7 Day CHG~0.00%
Published-05 Jul, 2007 | 21:00
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

gfax 0.4.2 and probably other versions creates temporary files insecurely, which allows local users to execute arbitrary commands via unknown vectors.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-gfaxn/a
CVE-2019-18198
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.46% / 36.34%
||
7 Day CHG~0.00%
Published-18 Oct, 2019 | 21:07
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.3.4, a reference count usage error in the fib6_rule_suppress() function in the fib6 suppression feature of net/ipv6/fib6_rules.c, when handling the FIB_LOOKUP_NOREF flag, can be exploited by a local attacker to corrupt memory, aka CID-ca7a03c41753.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kerneln/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2017-7889
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.31% / 22.53%
||
7 Day CHG~0.00%
Published-17 Apr, 2017 | 00:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and bypass slab-allocation access restrictions) via an application that opens the /dev/mem file, related to arch/x86/mm/init.c and drivers/char/mem.c.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/LinuxLinux Kernel Organization, Inc
Product-debian_linuxubuntu_linuxlinux_kerneln/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2017-8064
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.36% / 27.80%
||
7 Day CHG~0.00%
Published-23 Apr, 2017 | 05:37
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging use of more than one virtual page for a DMA scatterlist.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-17854
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 30.84%
||
7 Day CHG~0.00%
Published-23 Dec, 2017 | 04:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2017-17857
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 31.26%
||
7 Day CHG~0.00%
Published-23 Dec, 2017 | 04:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-1529
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-3.75% / 88.55%
||
7 Day CHG~0.00%
Published-30 Apr, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Web Notification API in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to bypass intended source-component restrictions and execute arbitrary JavaScript code in a privileged context via a crafted web page for which Notification.permission is granted.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSESUSERed Hat, Inc.Mozilla CorporationDebian GNU/LinuxFedora Project
Product-thunderbirddebian_linuxfirefoxubuntu_linuxseamonkeyenterprise_linux_serverenterprise_linux_workstationsuse_linux_enterprise_serverenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_eusfedoraenterprise_linux_server_ausenterprise_linux_eusopensusen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2014-1511
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-9.8||CRITICAL
EPSS-83.63% / 99.65%
||
7 Day CHG~0.00%
Published-19 Mar, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allow remote attackers to bypass the popup blocker via unspecified vectors.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSESUSERed Hat, Inc.Mozilla CorporationDebian GNU/Linux
Product-thunderbirdsuse_linux_enterprise_software_development_kitdebian_linuxubuntu_linuxseamonkeyenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_server_ausfirefoxenterprise_linux_serverenterprise_linux_workstationsuse_linux_enterprise_serverenterprise_linux_eussuse_linux_enterprise_desktopopensusen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2014-1526
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-6.8||MEDIUM
EPSS-1.82% / 76.18%
||
7 Day CHG~0.00%
Published-30 Apr, 2014 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The XrayWrapper implementation in Mozilla Firefox before 29.0 and SeaMonkey before 2.26 allows user-assisted remote attackers to bypass intended access restrictions via a crafted web site that is visited in the debugger, leading to unwrapping operations and calls to DOM methods on the unwrapped objects.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEMozilla CorporationFedora Project
Product-firefoxubuntu_linuxseamonkeyfedoraopensusen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2013-7421
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.72% / 49.23%
||
7 Day CHG+0.01%
Published-02 Mar, 2015 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.

Action-Not Available
Vendor-n/aCanonical Ltd.Oracle CorporationLinux Kernel Organization, IncDebian GNU/Linux
Product-debian_linuxubuntu_linuxlinuxlinux_kerneln/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2013-4251
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.43% / 34.36%
||
7 Day CHG~0.00%
Published-04 Nov, 2019 | 19:21
Updated-06 Aug, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The scipy.weave component in SciPy before 0.12.1 creates insecure temporary directories.

Action-Not Available
Vendor-scipySciPyDebian GNU/LinuxRed Hat, Inc.Fedora Project
Product-scipydebian_linuxfedoraenterprise_linuxSciPy
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-25595
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.37% / 29.31%
||
7 Day CHG~0.00%
Published-23 Sep, 2020 | 21:01
Updated-04 Aug, 2024 | 15:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back from device hardware registers. While devices strictly compliant with PCI specifications shouldn't be able to affect these registers, experience shows that it's very common for devices to have out-of-spec "backdoor" operations that can affect the result of these reads. A not fully trusted guest may be able to crash Xen, leading to a Denial of Service (DoS) for the entire system. Privilege escalation and information leaks cannot be excluded. All versions of Xen supporting PCI passthrough are affected. Only x86 systems are vulnerable. Arm systems are not vulnerable. Only guests with passed through PCI devices may be able to leverage the vulnerability. Only systems passing through devices with out-of-spec ("backdoor") functionality can cause issues. Experience shows that such out-of-spec functionality is common; unless you have reason to believe that your device does not have such functionality, it's better to assume that it does.

Action-Not Available
Vendor-n/aFedora ProjectDebian GNU/LinuxopenSUSEXen Project
Product-xendebian_linuxfedoraleapn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-41974
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.61% / 44.68%
||
7 Day CHG~0.00%
Published-29 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 12:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a keyword, which is mishandled because arithmetic ADD is used instead of bitwise OR.

Action-Not Available
Vendor-opensvcn/aDebian GNU/LinuxFedora Project
Product-fedoradebian_linuxmultipath-toolsn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2013-2016
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.51% / 39.45%
||
7 Day CHG~0.00%
Published-30 Dec, 2019 | 21:47
Updated-06 Aug, 2024 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the way qemu v1.3.0 and later (virtio-rng) validates addresses when guest accesses the config space of a virtio device. If the virtio device has zero/small sized config space, such as virtio-rng, a privileged guest user could use this flaw to access the matching host's qemu address space and thus increase their privileges on the host.

Action-Not Available
Vendor-Debian GNU/LinuxQEMUNovell
Product-open_enterprise_serverdebian_linuxqemuopen_desktop_serverqemu (virtio-rng)
CWE ID-CWE-269
Improper Privilege Management
CVE-2020-12689
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.56% / 72.25%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 23:43
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.

Action-Not Available
Vendor-n/aCanonical Ltd.OpenStack
Product-ubuntu_linuxkeystonen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-39286
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-8.8||HIGH
EPSS-1.06% / 60.30%
||
7 Day CHG~0.00%
Published-26 Oct, 2022 | 00:00
Updated-23 Apr, 2025 | 16:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Execution with Unnecessary Privileges in JupyterApp

Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing untrusted files in CWD. This vulnerability allows one user to run code as another. Version 4.11.2 contains a patch for this issue. There are no known workarounds.

Action-Not Available
Vendor-jupyterjupyterFedora ProjectDebian GNU/Linux
Product-debian_linuxfedorajupyter_corejupyter_core
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-427
Uncontrolled Search Path Element
CVE-2012-1104
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.71% / 74.58%
||
7 Day CHG~0.00%
Published-05 Dec, 2019 | 17:49
Updated-06 Aug, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Security Bypass vulnerability exists in the phpCAS 1.2.2 library from the jasig project due to the way proxying of services are managed.

Action-Not Available
Vendor-apereojasig projectLinux Kernel Organization, IncDebian GNU/Linux
Product-phpcasdebian_linuxlinux_kernelphpCAS
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-3088
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-6
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.19% / 8.59%
||
7 Day CHG~0.00%
Published-22 Nov, 2022 | 00:00
Updated-16 Apr, 2025 | 17:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

UC-8100A-ME-T System Image: Versions v1.0 to v1.6, UC-2100 System Image: Versions v1.0 to v1.12, UC-2100-W System Image: Versions v1.0 to v 1.12, UC-3100 System Image: Versions v1.0 to v1.6, UC-5100 System Image: Versions v1.0 to v1.4, UC-8100 System Image: Versions v3.0 to v3.5, UC-8100-ME-T System Image: Versions v3.0 and v3.1, UC-8200 System Image: v1.0 to v1.5, AIG-300 System Image: v1.0 to v1.4, UC-8410A with Debian 9 System Image: Versions v4.0.2 and v4.1.2, UC-8580 with Debian 9 System Image: Versions v2.0 and v2.1, UC-8540 with Debian 9 System Image: Versions v2.0 and v2.1, and DA-662C-16-LX (GLB) System Image: Versions v1.0.2 to v1.1.2 of Moxa's ARM-based computers have an execution with unnecessary privileges vulnerability, which could allow an attacker with user-level privileges to gain root privileges.

Action-Not Available
Vendor-Moxa Inc.Debian GNU/Linux
Product-uc-8540-lxaig-301-t-azu-lx_firmwareuc-8220-t-lxaig-301-ap-azu-lxuc-2102-t-lxuc-8540-t-ct-lxda-662c-16-lxuc-8112-me-t-lx1aig-301-us-azu-lxaig-301-cn-azu-lxuc-8540-t-ct-lx_firmwareuc-8580-t-lxuc-2102-lx_firmwareuc-3121-t-us-lxaig-301-eu-azu-lxuc-8580-t-ct-lx_firmwareuc-5111-lxuc-2112-lxuc-8112-me-t-lx1_firmwareuc-3111-t-eu-lxaig-301-eu-azu-lx_firmwaredebian_linuxuc-3111-t-eu-lx-nw_firmwareuc-5112-t-lx_firmwareuc-3121-t-us-lx_firmwareuc-8112a-me-t-lxuc-8162-lxaig-301-ap-azu-lx_firmwareuc-2104-lxaig-301-t-ap-azu-lx_firmwareuc-8162-lx_firmwareuc-8112-me-t-lxuc-5112-t-lxuc-3111-t-us-lxuc-8410a-lxuc-3101-t-us-lx_firmwareuc-5112-lxuc-8580-q-lx_firmwareuc-5102-t-lx_firmwareuc-8580-lx_firmwareuc-5102-lx_firmwareuc-8112-lxuc-3111-t-ap-lx-nwuc-3121-t-eu-lxuc-8220-t-lx-eu-saig-301-cn-azu-lx_firmwareuc-2101-lxuc-8220-t-lx-us-suc-3121-t-eu-lx_firmwareuc-3101-t-ap-lx_firmwareuc-8220-t-lx-ap-suc-8131-lx_firmwareuc-3111-t-ap-lx_firmwareuc-8410a-t-lxaig-301-t-us-azu-lx_firmwareuc-2102-lxuc-8132-lxuc-8220-t-lx-suc-3121-t-ap-lxuc-2116-t-lx_firmwareaig-301-t-eu-azu-lx_firmwareaig-301-t-ap-azu-lxuc-8220-t-lx-s_firmwareuc-2111-lx_firmwareuc-3111-t-us-lx-nwuc-8580-t-ct-lxuc-8131-lxuc-5101-t-lxuc-2114-t-lxuc-8112-lx_firmwareuc-3121-t-ap-lx_firmwareuc-8540-t-lxaig-301-t-azu-lxaig-301-t-us-azu-lxuc-8220-t-lx_firmwareaig-301-us-azu-lx_firmwareuc-8410a-t-lx_firmwareuc-8580-t-lx_firmwareuc-3111-t-eu-lx_firmwareuc-8220-t-lx-eu-s_firmwareaig-301-t-eu-azu-lxuc-3101-t-ap-lxuc-8132-lx_firmwareuc-5111-t-lx_firmwareuc-8580-q-lxuc-5111-t-lxuc-8410a-nw-t-lxuc-3111-t-eu-lx-nwuc-3101-t-eu-lx_firmwareuc-2102-t-lx_firmwareuc-5102-lxuc-3111-t-ap-lxuc-5101-lx_firmwareuc-2104-lx_firmwareuc-8220-t-lx-us-s_firmwareuc-8410a-lx_firmwareuc-3101-t-us-lxda-662c-16-lx_firmwareuc-5111-lx_firmwareuc-8580-t-q-lx_firmwareuc-5102-t-lxuc-8580-lxuc-8220-t-lx-ap-s_firmwareuc-2114-t-lx_firmwareuc-8580-t-ct-q-lx_firmwareuc-3111-t-ap-lx-nw_firmwareuc-3111-t-us-lx_firmwareuc-5112-lx_firmwareuc-3101-t-eu-lxuc-8112a-me-t-lx_firmwareaig-301-t-cn-azu-lx_firmwareuc-8580-t-ct-q-lxaig-301-azu-lxuc-5101-t-lx_firmwareuc-8580-t-q-lxuc-5101-lxaig-301-t-cn-azu-lxuc-2112-lx_firmwareaig-301-azu-lx_firmwareuc-8410a-nw-t-lx_firmwareuc-2101-lx_firmwareuc-8540-lx_firmwareuc-8410a-nw-lx_firmwareuc-8112-me-t-lx_firmwareuc-8410a-nw-lxuc-2111-lxuc-3111-t-us-lx-nw_firmwareuc-2116-t-lxuc-8540-t-lx_firmwareUC-8580 with Debian 9 System ImageUC-8100 System ImageUC-2100-W System ImageUC-8100-ME-T System ImageDA-662C-16-LX (GLB) System ImageUC-2100 System ImageUC-8100A-ME-T System ImaageUC-8540 with Debian 9 System ImageUC-3100 System ImageUC-8200 System ImageAIG-300 System ImageUC-5100 System ImageUC-8410A with Debian 9 System Image
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-31676
Matching Score-6
Assigner-VMware by Broadcom
ShareView Details
Matching Score-6
Assigner-VMware by Broadcom
CVSS Score-7.8||HIGH
EPSS-0.54% / 41.47%
||
7 Day CHG~0.00%
Published-23 Aug, 2022 | 00:00
Updated-03 Aug, 2024 | 07:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

Action-Not Available
Vendor-n/aFedora ProjectVMware (Broadcom Inc.)Microsoft CorporationLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-debian_linuxlinux_kernelontap_select_deploy_administration_utilityfedoratoolswindowsVMware Tools
CWE ID-CWE-269
Improper Privilege Management
CVE-2010-4664
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-1.21% / 64.65%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 21:43
Updated-07 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session.

Action-Not Available
Vendor-consolekit_projectconsolekitDebian GNU/LinuxRed Hat, Inc.
Product-consolekitdebian_linuxenterprise_linuxconsolekit
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-15790
Matching Score-6
Assigner-Canonical Ltd.
ShareView Details
Matching Score-6
Assigner-Canonical Ltd.
CVSS Score-2.8||LOW
EPSS-0.48% / 38.19%
||
7 Day CHG~0.00%
Published-27 Apr, 2020 | 23:25
Updated-03 Nov, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Apport reads PID files with elevated privileges

Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit this to read information about a privileged running process by exploiting PID recycling. This information could then be used to obtain ASLR offsets for a process with an existing memory corruption vulnerability. The initial fix introduced regressions in the Python Apport library due to a missing argument in Report.add_proc_environ in apport/report.py. It also caused an autopkgtest failure when reading /proc/pid and with Python 2 compatibility by reading /proc maps. The initial and subsequent regression fixes are in 2.20.11-0ubuntu16, 2.20.11-0ubuntu8.6, 2.20.9-0ubuntu7.12, 2.20.1-0ubuntu2.22 and 2.14.1-0ubuntu3.29+esm3.

Action-Not Available
Vendor-apport_projectCanonical Ltd.
Product-apportubuntu_linuxApport
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-25636
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.63% / 83.69%
||
7 Day CHG~0.00%
Published-22 Feb, 2022 | 01:41
Updated-03 Aug, 2024 | 04:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-h300edebian_linuxlinux_kernelh500eh500scommunications_cloud_native_core_network_exposure_functioncommunications_cloud_native_core_binding_support_functionh410sh700eh410ch300sh700scommunications_cloud_native_core_policyn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-3843
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-4.5||MEDIUM
EPSS-0.91% / 55.68%
||
7 Day CHG~0.00%
Published-26 Apr, 2019 | 20:27
Updated-09 Jun, 2025 | 15:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.

Action-Not Available
Vendor-systemd_projectNetApp, Inc.Fedora ProjectCanonical Ltd.freedesktop.org
Product-ubuntu_linuxcn1610hci_management_nodefedorasystemdcn1610_firmwaresnapprotectsolidfiresystemd
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-269
Improper Privilege Management
CVE-2025-7044
Matching Score-6
Assigner-Canonical Ltd.
ShareView Details
Matching Score-6
Assigner-Canonical Ltd.
CVSS Score-7.7||HIGH
EPSS-0.24% / 14.61%
||
7 Day CHG+0.01%
Published-03 Dec, 2025 | 15:45
Updated-18 Dec, 2025 | 21:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege Escalation in MAAS via Websocket Request Manipulation

An Improper Input Validation vulnerability exists in the user websocket handler of MAAS. An authenticated, unprivileged attacker can intercept a user.update websocket request and inject the is_superuser property set to true. The server improperly validates this input, allowing the attacker to self-promote to an administrator role. This results in full administrative control over the MAAS deployment.

Action-Not Available
Vendor-Canonical Ltd.Ubuntu
Product-maasMAAS
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-13738
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-1.31% / 67.17%
||
7 Day CHG~0.00%
Published-10 Dec, 2019 | 21:01
Updated-05 Aug, 2024 | 00:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient policy enforcement in navigation in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass site isolation via a crafted HTML page.

Action-Not Available
Vendor-Google LLCRed Hat, Inc.Fedora ProjectDebian GNU/Linux
Product-enterprise_linux_serverenterprise_linux_for_scientific_computingdebian_linuxchromeenterprise_linux_workstationfedoraenterprise_linux_desktopChrome
CWE ID-CWE-269
Improper Privilege Management
CVE-2009-2848
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.9||MEDIUM
EPSS-0.52% / 40.13%
||
7 Day CHG~0.00%
Published-18 Aug, 2009 | 20:41
Updated-23 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The execve function in the Linux kernel, possibly 2.6.30-rc6 and earlier, does not properly clear the current->clear_child_tid pointer, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via a clone system call with CLONE_CHILD_SETTID or CLONE_CHILD_CLEARTID enabled, which is not properly handled during thread creation and exit.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSELinux Kernel Organization, IncSUSENovellRed Hat, Inc.VMware (Broadcom Inc.)Fedora Project
Product-vmaubuntu_linuxlinux_enterprise_desktopenterprise_linux_serverenterprise_linux_workstationesxlinux_desktopenterprise_linux_desktoplinux_enterprise_serverfedoraenterprise_linuxlinux_kernelopensusen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-21699
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-0.66% / 46.95%
||
7 Day CHG~0.00%
Published-19 Jan, 2022 | 21:15
Updated-22 Apr, 2025 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Execution with Unnecessary Privileges in ipython

IPython (Interactive Python) is a command shell for interactive computing in multiple programming languages, originally developed for the Python programming language. Affected versions are subject to an arbitrary code execution vulnerability achieved by not properly managing cross user temporary files. This vulnerability allows one user to run code as another on the same machine. All users are advised to upgrade.

Action-Not Available
Vendor-ipythonipythonDebian GNU/LinuxFedora Project
Product-ipythondebian_linuxfedoraipython
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-279
Incorrect Execution-Assigned Permissions
CWE ID-CWE-269
Improper Privilege Management
CVE-2022-1804
Matching Score-6
Assigner-Canonical Ltd.
ShareView Details
Matching Score-6
Assigner-Canonical Ltd.
CVSS Score-5.5||MEDIUM
EPSS-0.14% / 3.47%
||
7 Day CHG~0.00%
Published-25 Mar, 2025 | 12:28
Updated-26 Aug, 2025 | 17:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Accountsservice incorrectly drops privileges

accountsservice no longer drops permissions when writting .pam_environment

Action-Not Available
Vendor-UbuntuCanonical Ltd.
Product-accountsserviceubuntu_linuxLinux
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-6080
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-1.37% / 68.66%
||
7 Day CHG~0.00%
Published-14 Nov, 2018 | 15:00
Updated-05 Aug, 2024 | 05:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Lack of access control checks in Instrumentation in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to obtain memory metadata from privileged processes .

Action-Not Available
Vendor-Red Hat, Inc.Google LLCDebian GNU/Linux
Product-enterprise_linux_serverdebian_linuxchromeenterprise_linux_workstationenterprise_linux_desktopChrome
CWE ID-CWE-269
Improper Privilege Management
CVE-2024-0751
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-8.8||HIGH
EPSS-0.63% / 45.90%
||
7 Day CHG~0.00%
Published-23 Jan, 2024 | 13:48
Updated-20 Jun, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

Action-Not Available
Vendor-Mozilla CorporationDebian GNU/Linux
Product-thunderbirdfirefox_esrfirefoxdebian_linuxFirefoxThunderbirdFirefox ESR
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-5166
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-2.43% / 82.27%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-05 Aug, 2024 | 05:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

WebExtensions can use request redirection and a "filterReponseData" filter to bypass host permission settings to redirect network traffic and access content from a host for which they do not have explicit user permission. This vulnerability affects Firefox < 60.

Action-Not Available
Vendor-Mozilla CorporationCanonical Ltd.
Product-firefoxubuntu_linuxFirefox
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-46333
Matching Score-6
Assigner-kernel.org
ShareView Details
Matching Score-6
Assigner-kernel.org
CVSS Score-7.1||HIGH
EPSS-1.38% / 68.78%
||
7 Day CHG+0.17%
Published-15 May, 2026 | 12:58
Updated-01 Jul, 2026 | 13:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ptrace: slightly saner 'get_dumpable()' logic

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or not - and makes no sense when you don't have an associated mm. And almost all users do in fact use it only for the case where the task has a mm pointer. But we have one odd special case: ptrace_may_access() uses 'dumpable' to check various other things entirely independently of the MM (typically explicitly using flags like PTRACE_MODE_READ_FSCREDS). Including for threads that no longer have a VM (and maybe never did, like most kernel threads). It's not what this flag was designed for, but it is what it is. The ptrace code does check that the uid/gid matches, so you do have to be uid-0 to see kernel thread details, but this means that the traditional "drop capabilities" model doesn't make any difference for this all. Make it all make a *bit* more sense by saying that if you don't have a MM pointer, we'll use a cached "last dumpability" flag if the thread ever had a MM (it will be zero for kernel threads since it is never set), and require a proper CAP_SYS_PTRACE capability to override.

Action-Not Available
Vendor-Debian GNU/LinuxRed Hat, Inc.Linux Kernel Organization, Inc
Product-debian_linuxlinux_kernelLinuxRed Hat Enterprise Linux Real Time for NFV E4S (v.9.2)Red Hat Enterprise Linux Real Time (v. 10)Red Hat Enterprise Linux AppStream E4S (v.9.2)Red Hat Enterprise Linux Real Time EUS (v.9.6)Red Hat Enterprise Linux AppStream EUS (v.9.6)Red Hat Enterprise Linux AppStream (v. 10)Red Hat Enterprise Linux CRB (v. 8)Red Hat Enterprise Linux BaseOS E4S (v.9.2)Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)Red Hat Enterprise Linux BaseOS (v. 10)Red Hat Enterprise Linux BaseOS E4S (v.9.4)Red Hat Enterprise Linux Real Time for NFV EUS (v.9.4)Red Hat Enterprise Linux BaseOS E4S (v.8.6)Red Hat Enterprise Linux BaseOS EUS (v.9.4)Red Hat Enterprise Linux BaseOS EUS (v.9.6)Red Hat Enterprise Linux NFV (v. 8)Red Hat Enterprise Linux CodeReady Linux Builder EUS (v. 10.0)Red Hat Enterprise Linux AppStream (v. 9)Red Hat Enterprise Linux CodeReady Linux Builder (v. 9)Red Hat Enterprise Linux CodeReady Linux Builder (v. 10)Red Hat Enterprise Linux Real Time EUS (v.9.4)NVIDIA for RHEL 10Red Hat Enterprise Linux Real Time for NFV EUS (v.9.6)Red Hat Enterprise Linux BaseOS E4S (v.9.0)Red Hat CodeReady Linux Builder EUS (v.9.4)Red Hat Enterprise Linux BaseOS (v. 8)Red Hat Enterprise Linux 7Red Hat Enterprise Linux RT (v. 8)Red Hat Enterprise Linux 6Red Hat Enterprise Linux Real Time for NFV EUS (v. 10.0)Red Hat Enterprise Linux BaseOS TUS (v.8.8)Red Hat Enterprise Linux Real Time EUS (v. 10.0)Red Hat Enterprise Linux AppStream E4S (v.9.0)Red Hat Enterprise Linux AppStream EUS (v. 10.0)Red Hat Enterprise Linux BaseOS (v. 9)Red Hat Enterprise Linux BaseOS EUS (v. 10.0)Red Hat Enterprise Linux NFV E4S (v.9.0)Red Hat Enterprise Linux BaseOS E4S (v.8.8)Red Hat OpenShift Container Platform 4Red Hat Enterprise Linux Real Time E4S (v.9.2)Red Hat Enterprise Linux Real Time for NFV (v. 10)Red Hat Enterprise Linux Real Time E4S (v.9.0)Red Hat Enterprise Linux Real Time (v. 9)Red Hat OpenShift Container Platform 4.20Red Hat Enterprise Linux Real Time for NFV (v. 9)Red Hat Enterprise Linux AppStream EUS (v.9.4)Red Hat Enterprise Linux BaseOS AUS (v.8.4)Red Hat Enterprise Linux BaseOS AUS (v.8.6)Red Hat Enterprise Linux BaseOS TUS (v.8.6)Red Hat CodeReady Linux Builder EUS (v.9.6)
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-18344
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-6.5||MEDIUM
EPSS-1.50% / 71.13%
||
7 Day CHG~0.00%
Published-11 Dec, 2018 | 15:00
Updated-05 Aug, 2024 | 11:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension.

Action-Not Available
Vendor-n/aRed Hat, Inc.Google LLCDebian GNU/Linux
Product-enterprise_linux_serverdebian_linuxchromeenterprise_linux_workstationenterprise_linux_desktopn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-16888
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-4.4||MEDIUM
EPSS-0.30% / 21.52%
||
7 Day CHG~0.00%
Published-14 Jan, 2019 | 22:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was discovered systemd does not correctly check the content of PIDFile files before using it to kill processes. When a service is run from an unprivileged user (e.g. User field set in the service file), a local attacker who is able to write to the PIDFile of the mentioned service may use this flaw to trick systemd into killing other services and/or privileged processes. Versions before v237 are vulnerable.

Action-Not Available
Vendor-systemd_projectThe systemd ProjectRed Hat, Inc.NetApp, Inc.Canonical Ltd.
Product-ubuntu_linuxenterprise_linuxsystemdactive_iq_performance_analytics_serviceselement_softwaresystemd
CWE ID-CWE-250
Execution with Unnecessary Privileges
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-43528
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-6.5||MEDIUM
EPSS-1.27% / 66.20%
||
7 Day CHG~0.00%
Published-08 Dec, 2021 | 21:21
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Thunderbird unexpectedly enabled JavaScript in the composition area. The JavaScript execution context was limited to this area and did not receive chrome-level privileges, but could be used as a stepping stone to further an attack with other vulnerabilities. This vulnerability affects Thunderbird < 91.4.0.

Action-Not Available
Vendor-Debian GNU/LinuxMozilla Corporation
Product-thunderbirddebian_linuxThunderbird
CWE ID-CWE-269
Improper Privilege Management
CVE-2021-43860
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-8.2||HIGH
EPSS-1.35% / 68.01%
||
7 Day CHG~0.00%
Published-12 Jan, 2022 | 00:00
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Permissions granted to applications can be hidden from the user at install time

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.12.3 and 1.10.6, Flatpak doesn't properly validate that the permissions displayed to the user for an app at install time match the actual permissions granted to the app at runtime, in the case that there's a null byte in the metadata file of an app. Therefore apps can grant themselves permissions without the consent of the user. Flatpak shows permissions to the user during install by reading them from the "xa.metadata" key in the commit metadata. This cannot contain a null terminator, because it is an untrusted GVariant. Flatpak compares these permissions to the *actual* metadata, from the "metadata" file to ensure it wasn't lied to. However, the actual metadata contents are loaded in several places where they are read as simple C-style strings. That means that, if the metadata file includes a null terminator, only the content of the file from *before* the terminator gets compared to xa.metadata. Thus, any permissions that appear in the metadata file after a null terminator are applied at runtime but not shown to the user. So maliciously crafted apps can give themselves hidden permissions. Users who have Flatpaks installed from untrusted sources are at risk in case the Flatpak has a maliciously crafted metadata file, either initially or in an update. This issue is patched in versions 1.12.3 and 1.10.6. As a workaround, users can manually check the permissions of installed apps by checking the metadata file or the xa.metadata key on the commit metadata.

Action-Not Available
Vendor-flatpakflatpakDebian GNU/LinuxRed Hat, Inc.Fedora Project
Product-fedoradebian_linuxflatpakenterprise_linuxflatpak
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2018-13405
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.01% / 58.86%
||
7 Day CHG-0.01%
Published-06 Jul, 2018 | 14:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncDebian GNU/LinuxF5, Inc.
Product-enterprise_linux_serverubuntu_linuxbig-ip_webacceleratorvirtualizationbig-ip_application_acceleration_managerbig-ip_advanced_firewall_managerbig-ip_policy_enforcement_managerbig-ip_fraud_protection_serviceenterprise_linux_server_ausenterprise_linux_ausbig-ip_global_traffic_managerbig-ip_local_traffic_managerbig-ip_analyticsbig-ip_domain_name_systembig-ip_application_security_managerbig-ip_edge_gatewaydebian_linuxlinux_kernelbig-ip_link_controllermrg_realtimeenterprise_linux_workstationfedoraenterprise_linux_eusbig-ip_access_policy_managerenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_for_real_timen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-26604
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.05% / 60.12%
||
7 Day CHG~0.00%
Published-03 Mar, 2023 | 00:00
Updated-20 Jun, 2025 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifically, systemd does not set LESSSECURE to 1, and thus other programs may be launched from the less program. This presents a substantial security risk when running systemctl from Sudo, because less executes as root when the terminal size is too small to show the complete systemctl output.

Action-Not Available
Vendor-systemd_projectn/aDebian GNU/Linux
Product-systemddebian_linuxn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2017-9324
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-2.35% / 81.64%
||
7 Day CHG~0.00%
Published-12 Jun, 2017 | 06:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Open Ticket Request System (OTRS) 3.3.x through 3.3.16, 4.x through 4.0.23, and 5.x through 5.0.19, an attacker with agent permission is capable of opening a specific URL in a browser to gain administrative privileges / full access. Afterward, all system settings can be read and changed. The URLs in question contain index.pl?Action=Installer with ;Subaction=Intro or ;Subaction=Start or ;Subaction=System appended at the end.

Action-Not Available
Vendor-n/aOTRS AGDebian GNU/Linux
Product-debian_linuxotrsn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2017-3257
Matching Score-6
Assigner-Oracle
ShareView Details
Matching Score-6
Assigner-Oracle
CVSS Score-6.5||MEDIUM
EPSS-2.59% / 83.41%
||
7 Day CHG~0.00%
Published-27 Jan, 2017 | 22:01
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.34 and earlier5.7.16 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 6.5 (Availability impacts).

Action-Not Available
Vendor-Debian GNU/LinuxMariaDB FoundationOracle Corporation
Product-mariadbmysqldebian_linuxMySQL Server
CWE ID-CWE-269
Improper Privilege Management
CVE-2002-0080
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-2.1||LOW
EPSS-0.52% / 40.41%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.

Action-Not Available
Vendor-n/aRed Hat, Inc.Samba
Product-linuxrsyncn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2017-13721
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-4.7||MEDIUM
EPSS-0.36% / 27.68%
||
7 Day CHG~0.00%
Published-09 Oct, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In X.Org Server (aka xserver and xorg-server) before 1.19.4, an attacker authenticated to an X server with the X shared memory extension enabled can cause aborts of the X server or replace shared memory segments of other X clients in the same session.

Action-Not Available
Vendor-n/aDebian GNU/LinuxX.Org Foundation
Product-x_serverdebian_linuxn/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2017-10689
Matching Score-6
Assigner-Perforce
ShareView Details
Matching Score-6
Assigner-Perforce
CVSS Score-5.5||MEDIUM
EPSS-0.36% / 28.31%
||
7 Day CHG~0.00%
Published-09 Feb, 2018 | 20:00
Updated-17 Sep, 2024 | 00:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability.

Action-Not Available
Vendor-Canonical Ltd.Red Hat, Inc.Perforce Software, Inc. ("Puppet")
Product-puppet_enterprisepuppetsatelliteubuntu_linuxPuppet AgentPuppet Enterprise
CWE ID-CWE-269
Improper Privilege Management
CVE-2018-0503
Matching Score-6
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-6
Assigner-Debian GNU/Linux
CVSS Score-4.3||MEDIUM
EPSS-1.53% / 71.68%
||
7 Day CHG+0.01%
Published-04 Oct, 2018 | 20:00
Updated-17 Sep, 2024 | 01:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
$wgRateLimits entry for 'user' overrides 'newbie'

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where contrary to the documentation, $wgRateLimits entry for 'user' overrides that for 'newbie'.

Action-Not Available
Vendor-Debian GNU/LinuxWikimedia Foundation
Product-debian_linuxmediawikimediawiki
CWE ID-CWE-269
Improper Privilege Management
CVE-2016-9928
Matching Score-6
Assigner-Debian GNU/Linux
ShareView Details
Matching Score-6
Assigner-Debian GNU/Linux
CVSS Score-7.4||HIGH
EPSS-4.51% / 90.36%
||
7 Day CHG~0.00%
Published-06 Feb, 2020 | 13:16
Updated-06 Aug, 2024 | 03:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MCabber before 1.0.4 is vulnerable to roster push attacks, which allows remote attackers to intercept communications, or add themselves as an entity on a 3rd party's roster as another user, which will also garner associated privileges, via crafted XMPP packets.

Action-Not Available
Vendor-mcabberMCabberCanonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxmcabberdebian_linuxMCabber
CWE ID-CWE-269
Improper Privilege Management
CVE-2017-7803
Matching Score-6
Assigner-Mozilla Corporation
ShareView Details
Matching Score-6
Assigner-Mozilla Corporation
CVSS Score-7.5||HIGH
EPSS-2.03% / 78.68%
||
7 Day CHG~0.00%
Published-11 Jun, 2018 | 21:00
Updated-25 Nov, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55.

Action-Not Available
Vendor-Mozilla CorporationDebian GNU/LinuxRed Hat, Inc.
Product-thunderbirdfirefoxenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_serverdebian_linuxenterprise_linux_workstationenterprise_linux_server_ausThunderbirdFirefox ESRFirefox
CWE ID-CWE-269
Improper Privilege Management
CVE-2016-1572
Matching Score-6
Assigner-Canonical Ltd.
ShareView Details
Matching Score-6
Assigner-Canonical Ltd.
CVSS Score-8.4||HIGH
EPSS-0.37% / 28.80%
||
7 Day CHG~0.00%
Published-22 Jan, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

mount.ecryptfs_private.c in eCryptfs-utils does not validate mount destination filesystem types, which allows local users to gain privileges by mounting over a nonstandard filesystem, as demonstrated by /proc/$pid.

Action-Not Available
Vendor-ecryptfsn/aCanonical Ltd.openSUSEDebian GNU/LinuxFedora Project
Product-debian_linuxubuntu_linuxleapecryptfs-utilsfedoraopensusen/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2015-9267
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-5.5||MEDIUM
EPSS-0.39% / 30.57%
||
7 Day CHG~0.00%
Published-01 Oct, 2018 | 08:00
Updated-06 Aug, 2024 | 08:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or the uninstaller can be replaced by a Trojan horse program.

Action-Not Available
Vendor-nullsoftn/aDebian GNU/Linux
Product-nullsoft_scriptable_install_systemdebian_linuxn/a
CWE ID-CWE-269
Improper Privilege Management
  • Previous
  • 1
  • 2
  • ...
  • 7
  • 8
  • 9
  • ...
  • 12
  • 13
  • Next
Details not found