Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2013-2152

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-21 Jan, 2014 | 18:00
Updated At-06 Aug, 2024 | 15:27
Rejected At-
Credits

Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:21 Jan, 2014 | 18:00
Updated At:06 Aug, 2024 | 15:27
Rejected At:
▼CVE Numbering Authority (CNA)

Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://rhn.redhat.com/errata/RHSA-2013-0924.html
vendor-advisory
x_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/84866
vdb-entry
x_refsource_XF
http://rhn.redhat.com/errata/RHSA-2013-0925.html
vendor-advisory
x_refsource_REDHAT
http://www.securityfocus.com/bid/60475
vdb-entry
x_refsource_BID
https://bugzilla.redhat.com/show_bug.cgi?id=971172
x_refsource_MISC
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0924.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/84866
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0925.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.securityfocus.com/bid/60475
Resource:
vdb-entry
x_refsource_BID
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=971172
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
http://rhn.redhat.com/errata/RHSA-2013-0924.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/84866
vdb-entry
x_refsource_XF
x_transferred
http://rhn.redhat.com/errata/RHSA-2013-0925.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.securityfocus.com/bid/60475
vdb-entry
x_refsource_BID
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=971172
x_refsource_MISC
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0924.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/84866
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0925.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.securityfocus.com/bid/60475
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=971172
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:21 Jan, 2014 | 18:55
Updated At:29 Apr, 2026 | 01:13

Unquoted Windows search path vulnerability in the SPICE service, as used in Red Hat Enterprise Virtualization (RHEV) 3.2, allows local users to gain privileges via a crafted application in an unspecified folder.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches

Red Hat, Inc.
redhat
>>enterprise_virtualization>>3.2
cpe:2.3:a:redhat:enterprise_virtualization:3.2:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-OtherPrimarynvd@nist.gov
CWE ID: NVD-CWE-Other
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Per: http://cwe.mitre.org/data/definitions/426.html "CWE-426: Untrusted Search Path"
Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://rhn.redhat.com/errata/RHSA-2013-0924.htmlsecalert@redhat.com
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0925.htmlsecalert@redhat.com
Vendor Advisory
http://www.securityfocus.com/bid/60475secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=971172secalert@redhat.com
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/84866secalert@redhat.com
N/A
http://rhn.redhat.com/errata/RHSA-2013-0924.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2013-0925.htmlaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.securityfocus.com/bid/60475af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=971172af854a3a-2127-422b-91ae-364da2661108
N/A
https://exchange.xforce.ibmcloud.com/vulnerabilities/84866af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0924.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0925.html
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/60475
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=971172
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/84866
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0924.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2013-0925.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.securityfocus.com/bid/60475
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=971172
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/84866
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

185Records found

CVE-2000-0606
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.56% / 42.69%
||
7 Day CHG~0.00%
Published-19 Jul, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.Mandriva (Mandrakesoft)
Product-debian_linuxmandrake_linuxlinuxn/a
CVE-2000-0229
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.80% / 52.29%
||
7 Day CHG~0.00%
Published-02 Jun, 2000 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root.

Action-Not Available
Vendor-alessandro_rubinin/aDebian GNU/LinuxRed Hat, Inc.SUSE
Product-debian_linuxlinuxsuse_linuxgpmn/a
CVE-2021-3656
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.66% / 46.97%
||
7 Day CHG~0.00%
Published-04 Mar, 2022 | 18:41
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "virt_ext" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serversoftware_collectionsenterprise_linux_server_update_services_for_sap_solutionsenterprise_linux_server_ausopenstackvirtualization_hostenterprise_linux3scale_api_managemententerprise_linux_for_real_time_for_nfventerprise_linux_for_real_time_tusenterprise_linux_desktopcodeready_linux_builderenterprise_linux_for_scientific_computinglinux_kernelenterprise_linux_for_real_time_for_nfv_tusenterprise_linux_workstationfedoraenterprise_linux_for_ibm_z_systemsenterprise_linux_eusenterprise_linux_for_power_little_endian_eusenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutionsenterprise_linux_server_tusenterprise_linux_for_power_little_endianenterprise_linux_for_ibm_z_systems_eusenterprise_linux_for_real_timeenterprise_linux_for_power_big_endianKVM
CWE ID-CWE-862
Missing Authorization
CVE-2000-0219
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.95% / 57.07%
||
7 Day CHG~0.00%
Published-22 Mar, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the password prompt.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-1999-1186
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.40% / 32.02%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

rxvt, when compiled with the PRINT_PIPE option in various Linux operating systems including Linux Slackware 3.0 and RedHat 2.1, allows local users to gain root privileges by specifying a malicious program using the -print-pipe command line parameter.

Action-Not Available
Vendor-rxvtn/aSlackwareRed Hat, Inc.
Product-linuxslackware_linuxrxvtn/a
CVE-1999-1328
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.40% / 32.05%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

linuxconf before 1.11.r11-rh3 on Red Hat Linux 5.1 allows local users to overwrite arbitrary files and gain root access via a symlink attack.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2015-3159
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.39% / 31.12%
||
7 Day CHG~0.00%
Published-14 Jan, 2020 | 18:00
Updated-06 Aug, 2024 | 05:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges.

Action-Not Available
Vendor-Red Hat, Inc.ABRT
Product-automatic_bug_reporting_toolABRT
CVE-2017-15097
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.54% / 41.50%
||
7 Day CHG~0.00%
Published-27 Jul, 2018 | 20:00
Updated-05 Aug, 2024 | 19:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine.

Action-Not Available
Vendor-Red Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationenterprise_linux_desktoppostgresql init script
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2002-0506
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.49% / 38.62%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in newt.c of newt windowing library (libnewt) 0.50.33 and earlier may allow attackers to cause a denial of service or execute arbitrary code in setuid programs that use libnewt.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-2021-4034
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-94.92% / 99.85%
||
7 Day CHG~0.00%
Published-28 Jan, 2022 | 00:00
Updated-06 Nov, 2025 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-07-18||Apply updates per vendor instructions.

A local privilege escalation vulnerability was found on polkit's pkexec utility. The pkexec application is a setuid tool designed to allow unprivileged users to run commands as privileged users according predefined policies. The current version of pkexec doesn't handle the calling parameters count correctly and ends trying to execute environment variables as commands. An attacker can leverage this by crafting environment variables in such a way it'll induce pkexec to execute arbitrary code. When successfully executed the attack can cause a local privilege escalation given unprivileged users administrative rights on the target machine.

Action-Not Available
Vendor-starwindsoftwarepolkit_projectn/aOracle CorporationCanonical Ltd.Siemens AGRed Hat, Inc.SUSE
Product-linux_enterprise_desktopmanager_proxyenterprise_linux_for_power_little_endian_eusenterprise_linuxmanager_serverhttp_serverenterprise_linux_server_update_services_for_sap_solutionsenterprise_linux_server_tusenterprise_linux_workstationenterprise_linux_for_ibm_z_systemsenterprise_linux_for_power_little_endianenterprise_linux_desktopenterprise_linux_for_ibm_z_systems_euspolkitstarwind_virtual_sanubuntu_linuxenterprise_linux_server_euscommand_centerscalance_lpe9403_firmwarelinux_enterprise_high_performance_computingenterprise_linux_server_ausenterprise_linux_for_power_big_endianenterprise_linux_euslinux_enterprise_serversinumerik_edgescalance_lpe9403enterprise_linux_serverlinux_enterprise_workstation_extensionenterprise_storagezfs_storage_appliance_kitenterprise_linux_for_scientific_computingpolkitPolkit
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-787
Out-of-bounds Write
CVE-1999-0390
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.44% / 35.54%
||
7 Day CHG~0.00%
Published-22 Mar, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Dosemu Slang library in Linux.

Action-Not Available
Vendor-n/aRed Hat, Inc.SUSE
Product-linuxsuse_linuxn/a
CVE-1999-0868
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.50% / 71.22%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.

Action-Not Available
Vendor-n/aNetscape (Yahoo Inc.)Internet Systems Consortium, Inc.NEC CorporationSun Microsystems (Oracle Corporation)Red Hat, Inc.
Product-linuxsparcgoah_intrasvnews_serverinngoah_networksvn/a
CVE-2002-0004
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.34% / 67.94%
||
7 Day CHG~0.00%
Published-25 Jun, 2002 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.

Action-Not Available
Vendor-n/aDebian GNU/LinuxMandriva (Mandrakesoft)SlackwareNetBSDFreeBSD FoundationRed Hat, Inc.The MITRE Corporation (Caldera)SUSE
Product-debian_linuxopenlinux_serverlinuxmandrake_linuxsuse_linuxopenlinux_workstationfreebsdslackware_linuxnetbsdn/a
CVE-2002-0062
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.48% / 38.26%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."

Action-Not Available
Vendor-n/aDebian GNU/LinuxFreeBSD FoundationGNURed Hat, Inc.SUSE
Product-debian_linuxlinuxncursessuse_linuxfreebsdn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-1999-1329
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.41% / 33.08%
||
7 Day CHG~0.00%
Published-09 Mar, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in SysVInit in Red Hat Linux 5.1 and earlier allows local users to gain privileges.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-linuxn/a
CVE-1999-1182
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.43% / 34.46%
||
7 Day CHG~0.00%
Published-12 Sep, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in run-time linkers (1) ld.so or (2) ld-linux.so for Linux systems allows local users to gain privileges by calling a setuid program with a long program name (argv[0]) and forcing ld.so/ld-linux.so to report an error.

Action-Not Available
Vendor-delixlstn/aDebian GNU/LinuxRed Hat, Inc.The MITRE Corporation (Caldera)SUSE
Product-debian_linuxlinuxlst_power_linuxopenlinux_litesuse_linuxdldn/a
CVE-2001-1374
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.37% / 29.13%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.

Action-Not Available
Vendor-conectivadon_libesn/aRed Hat, Inc.
Product-linuxexpectn/a
CVE-2001-0923
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.60% / 44.62%
||
7 Day CHG~0.00%
Published-02 Feb, 2002 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-redhat_package_managern/a
CVE-1999-0872
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.36% / 28.10%
||
7 Day CHG~0.00%
Published-04 Feb, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file.

Action-Not Available
Vendor-paul_vixien/aDebian GNU/LinuxRed Hat, Inc.The MITRE Corporation (Caldera)
Product-debian_linuxlinuxvixie_cronopenlinuxn/a
CVE-1999-0318
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.61% / 45.02%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable.

Action-Not Available
Vendor-n/aHP Inc.Sun Microsystems (Oracle Corporation)IBM CorporationRed Hat, Inc.
Product-sunoslinuxsolarishp-uxaixn/a
CVE-1999-0131
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.58% / 43.28%
||
7 Day CHG~0.00%
Published-29 Sep, 1999 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow and denial of service in Sendmail 8.7.5 and earlier through GECOS field gives root access to local users.

Action-Not Available
Vendor-scodigitaleric_allmanbsdin/aHP Inc.IBM CorporationFreeBSD FoundationRed Hat, Inc.
Product-openserverlinuxsendmailbsd_osinternet_faststartfreebsdhp-uxaixosf_1n/a
CVE-2021-3612
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.69% / 48.18%
||
7 Day CHG-0.01%
Published-09 Jul, 2021 | 10:33
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Action-Not Available
Vendor-n/aFedora ProjectRed Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-h300eh500scloud_backupenterprise_linuxh300s_firmwareh410c_firmwarecommunications_cloud_native_core_network_exposure_functionh410sh300scommunications_cloud_native_core_policysolidfire_baseboard_management_controllerh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwarecommunications_cloud_native_core_binding_support_functionh700eh410ch700e_firmwaresolidfire_baseboard_management_controller_firmwareh700skernel
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3472
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-1.05% / 60.10%
||
7 Day CHG~0.00%
Published-26 Apr, 2021 | 14:29
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in xorg-x11-server in versions before 1.20.11. An integer underflow can occur in xserver which can lead to a local privilege escalation. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectX.Org FoundationRed Hat, Inc.
Product-enterprise_linuxdebian_linuxfedorax_serverxorg-x11-server
CWE ID-CWE-191
Integer Underflow (Wrap or Wraparound)
CVE-2017-1000253
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-10.70% / 95.27%
||
7 Day CHG~0.00%
Published-04 Oct, 2017 | 01:00
Updated-21 Apr, 2026 | 18:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2024-09-30||Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.

Action-Not Available
Vendor-centosn/acentosRed Hat, Inc.Linux Kernel Organization, Inc
Product-centoslinux_kernelenterprise_linuxn/alinux_kernelcentosenterprise_linuxKernel
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-1000366
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.73% / 84.31%
||
7 Day CHG~0.00%
Published-19 Jun, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.

Action-Not Available
Vendor-n/aopenSUSEGNUOpenStackSUSENovellMcAfee, LLCRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxcloud_magnum_orchestrationsuse_linux_enterprise_point_of_saleenterprise_linux_server_tusenterprise_linux_desktopweb_gatewaylinux_enterprise_serverenterprise_linux_server_eusenterprise_linux_server_long_lifeenterprise_linux_server_auslinux_enterprise_software_development_kitenterprise_linux_serverenterprise_linux_workstationsuse_linux_enterprise_serverglibclinux_enterprise_server_for_raspberry_pileaplinux_enterprise_for_sapsuse_linux_enterprise_desktopenterprise_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-1000111
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.37% / 29.35%
||
7 Day CHG~0.00%
Published-04 Oct, 2017 | 01:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.

Action-Not Available
Vendor-n/aRed Hat, Inc.Debian GNU/LinuxLinux Kernel Organization, Inc
Product-debian_linuxenterprise_linux_serverenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_server_auslinux_kernelenterprise_linuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-5425
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-3.78% / 88.65%
||
7 Day CHG~0.00%
Published-13 Oct, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.

Action-Not Available
Vendor-n/aThe Apache Software FoundationRed Hat, Inc.Oracle Corporation
Product-instantis_enterprisetrackenterprise_linux_serverenterprise_linux_workstationtomcatenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_euslinuxenterprise_linux_server_ausn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2016-8657
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.42% / 34.06%
||
7 Day CHG~0.00%
Published-31 Jul, 2018 | 19:00
Updated-06 Aug, 2024 | 02:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group (root:jboss, 664). On systems using classic /etc/init.d init scripts (i.e. on Red Hat Enterprise Linux 6 and earlier), the file is sourced by the jboss init script and its content executed with root privileges when jboss service is started, stopped, or restarted.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-jboss_enterprise_application_platformenterprise_linuxn/a
CWE ID-CWE-264
Not Available
CVE-2016-7545
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.38% / 30.15%
||
7 Day CHG~0.00%
Published-19 Jan, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

SELinux policycoreutils allows local users to execute arbitrary commands outside of the sandbox via a crafted TIOCSTI ioctl call.

Action-Not Available
Vendor-selinux_projectn/aFedora ProjectRed Hat, Inc.
Product-enterprise_linux_workstationenterprise_linux_serverselinuxenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_hpc_nodefedoran/a
CWE ID-CWE-284
Improper Access Control
CVE-2016-6325
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.69% / 48.37%
||
7 Day CHG~0.00%
Published-13 Oct, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Tomcat package on Red Hat Enterprise Linux (RHEL) 5 through 7, JBoss Web Server 3.0, and JBoss EWS 2 uses weak permissions for (1) /etc/sysconfig/tomcat and (2) /etc/tomcat/tomcat.conf, which allows local users to gain privileges by leveraging membership in the tomcat group.

Action-Not Available
Vendor-n/aThe Apache Software FoundationRed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_workstationtomcatenterprise_linux_desktopjboss_enterprise_web_serverenterprise_linux_hpc_node_eusenterprise_linux_server_eusjboss_web_serverenterprise_linux_hpc_nodeenterprise_linux_server_ausenterprise_linuxn/a
CVE-2016-6322
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.4||HIGH
EPSS-0.39% / 31.08%
||
7 Day CHG~0.00%
Published-22 Sep, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Red Hat QuickStart Cloud Installer (QCI) uses world-readable permissions for /etc/qci/answers, which allows local users to obtain the root password for the deployed system by reading the file.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-quickstart_cloud_installerenterprise_linuxn/a
CVE-2016-7035
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.40% / 31.48%
||
7 Day CHG~0.00%
Published-10 Sep, 2018 | 16:00
Updated-06 Aug, 2024 | 01:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An authorization flaw was found in Pacemaker before 1.1.16, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.

Action-Not Available
Vendor-clusterlabsClusterLabsRed Hat, Inc.
Product-enterprise_linux_serverpacemakerenterprise_linux_server_euspacemaker
CWE ID-CWE-285
Improper Authorization
CVE-2016-5195
Matching Score-8
Assigner-Chrome
ShareView Details
Matching Score-8
Assigner-Chrome
CVSS Score-7||HIGH
EPSS-83.52% / 99.65%
||
7 Day CHG~0.00%
Published-10 Nov, 2016 | 21:00
Updated-21 Apr, 2026 | 17:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Action-Not Available
Vendor-n/aPalo Alto Networks, Inc.NetApp, Inc.Red Hat, Inc.Debian GNU/LinuxCanonical Ltd.Fedora ProjectLinux Kernel Organization, Inc
Product-enterprise_linux_eusdebian_linuxubuntu_linuxontap_select_deploy_administration_utilityoncommand_performance_managerenterprise_linux_tusoncommand_balancefedorasnapprotectlinux_kernelenterprise_linux_ausoncommand_unified_manager_for_clustered_data_ontappan-ossolidfirehci_storage_nodescloud_backupenterprise_linux_long_lifeenterprise_linuxn/aKernel
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2016-4805
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.48% / 37.96%
||
7 Day CHG~0.00%
Published-23 May, 2016 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in drivers/net/ppp/ppp_generic.c in the Linux kernel before 4.5.2 allows local users to cause a denial of service (memory corruption and system crash, or spinlock) or possibly have unspecified other impact by removing a network namespace, related to the ppp_register_net_channel and ppp_unregister_channel functions.

Action-Not Available
Vendor-n/aCanonical Ltd.Oracle CorporationLinux Kernel Organization, IncNovellRed Hat, Inc.
Product-suse_linux_enterprise_software_development_kitubuntu_linuxsuse_linux_enterprise_real_time_extensionsuse_linux_enterprise_serversuse_linux_enterprise_live_patchingsuse_linux_enterprise_module_for_public_cloudlinuxsuse_linux_enterprise_workstation_extensionopensuse_leapsuse_linux_enterprise_desktoplinux_kernelenterprise_linuxn/a
CWE ID-CWE-416
Use After Free
CVE-2016-3710
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.92% / 55.79%
||
7 Day CHG-0.01%
Published-11 May, 2016 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The VGA module in QEMU improperly performs bounds checking on banked access to video memory, which allows local guest OS administrators to execute arbitrary code on the host by changing access modes after setting the bank register, aka the "Dark Portal" issue.

Action-Not Available
Vendor-n/aCanonical Ltd.QEMUOracle CorporationCitrix (Cloud Software Group, Inc.)Red Hat, Inc.HP Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxvm_serverenterprise_linux_serverqemuhelion_openstackenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_euslinuxenterprise_linux_server_ausopenstackxenservervirtualizationn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2016-3096
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.47% / 37.15%
||
7 Day CHG~0.00%
Published-03 Jun, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The create_script function in the lxc_container module in Ansible before 1.9.6-1 and 2.x before 2.0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack on (1) /opt/.lxc-attach-script, (2) the archived container in the archive_path directory, or the (3) lxc-attach-script.log or (4) lxc-attach-script.err files in the temporary directory.

Action-Not Available
Vendor-n/aFedora ProjectRed Hat, Inc.
Product-ansiblefedoran/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2016-10730
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.56% / 42.39%
||
7 Day CHG~0.00%
Published-24 Oct, 2018 | 21:00
Updated-06 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run by users directly. It uses star to backup and restore data. It runs binaries with root permissions when parsing the command line argument --star-path.

Action-Not Available
Vendor-zmandan/aRed Hat, Inc.
Product-amandaenterprise_linuxn/a
CWE ID-CWE-264
Not Available
CVE-2016-10729
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.19% / 64.11%
||
7 Day CHG~0.00%
Published-24 Oct, 2018 | 21:00
Updated-06 Aug, 2024 | 03:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied after --create, allowing users to manipulate commands and perform command injection as root.

Action-Not Available
Vendor-zmandan/aDebian GNU/LinuxRed Hat, Inc.
Product-amandadebian_linuxenterprise_linuxn/a
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2016-0546
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.2||HIGH
EPSS-0.57% / 42.88%
||
7 Day CHG~0.00%
Published-21 Jan, 2016 | 02:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier, 5.6.27 and earlier, and 5.7.9 and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that these are multiple buffer overflows in the mysqlshow tool that allow remote database servers to have unspecified impact via a long table or database name.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationopenSUSEOracle CorporationRed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxmariadbenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linuxenterprise_linux_hpc_node_eusenterprise_linux_serverenterprise_linux_workstationmysqlleapsolarislinuxenterprise_linux_hpc_nodeopensusen/a
CVE-2021-3543
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.30% / 21.85%
||
7 Day CHG~0.00%
Published-01 Jun, 2021 | 13:20
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw null pointer dereference in the Nitro Enclaves kernel driver was found in the way that Enclaves VMs forces closures on the enclave file descriptor. A local user of a host machine could use this flaw to crash the system or escalate their privileges on the system.

Action-Not Available
Vendor-nitro_enclaves_projectn/aRed Hat, Inc.Fedora Project
Product-nitro_enclavesenterprise_linuxfedorakernel
CWE ID-CWE-416
Use After Free
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2015-6240
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.44% / 35.55%
||
7 Day CHG~0.00%
Published-07 Jun, 2017 | 20:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-ansiblen/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2015-4819
Matching Score-8
Assigner-Oracle
ShareView Details
Matching Score-8
Assigner-Oracle
CVSS Score-7.2||HIGH
EPSS-0.45% / 36.05%
||
7 Day CHG~0.00%
Published-21 Oct, 2015 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Client programs.

Action-Not Available
Vendor-n/aCanonical Ltd.MariaDB FoundationOracle CorporationRed Hat, Inc.Debian GNU/LinuxFedora Project
Product-debian_linuxubuntu_linuxenterprise_linux_serverenterprise_linux_workstationmariadbmysqlenterprise_linux_desktopsolarisenterprise_linux_server_euslinuxfedoraenterprise_linux_hpc_nodeenterprise_linux_server_ausenterprise_linux_hpc_node_eusn/a
CVE-2015-5277
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.59% / 43.80%
||
7 Day CHG~0.00%
Published-17 Dec, 2015 | 19:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The get_contents function in nss_files/files-XXX.c in the Name Service Switch (NSS) in GNU C Library (aka glibc or libc6) before 2.20 might allow local users to cause a denial of service (heap corruption) or gain privileges via a long line in the NSS files database.

Action-Not Available
Vendor-n/aCanonical Ltd.Red Hat, Inc.GNU
Product-ubuntu_linuxenterprise_linux_serverenterprise_linux_workstationglibcenterprise_linux_desktopenterprise_linux_hpc_noden/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-5157
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.62% / 45.55%
||
7 Day CHG~0.00%
Published-31 Aug, 2015 | 10:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

arch/x86/entry/entry_64.S in the Linux kernel before 4.1.6 on the x86_64 platform mishandles IRET faults in processing NMIs that occurred during userspace execution, which might allow local users to gain privileges by triggering an NMI.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_serverenterprise_linux_workstationenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_hpc_nodelinux_kerneln/a
CVE-2015-5260
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.57% / 43.24%
||
7 Day CHG~0.00%
Published-07 Jun, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in SPICE before 0.12.6 allows guest OS users to cause a denial of service (heap-based memory corruption and QEMU-KVM crash) or possibly execute arbitrary code on the host via QXL commands related to the surface_id parameter.

Action-Not Available
Vendor-spice_projectn/aCanonical Ltd.Red Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxspiceenterprise_linux_workstationenterprise_linux_serverenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_hpc_nodeenterprise_linux_hpc_node_eusn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2015-5225
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.53% / 41.07%
||
7 Day CHG~0.00%
Published-06 Nov, 2015 | 21:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the vnc_refresh_server_surface function in the VNC display driver in QEMU before 2.4.0.1 allows guest users to cause a denial of service (heap memory corruption and process crash) or possibly execute arbitrary code on the host via unspecified vectors, related to refreshing the server display surface.

Action-Not Available
Vendor-n/aRed Hat, Inc.QEMUFedora Project
Product-openstackqemufedoran/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2014-9322
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.50% / 71.23%
||
7 Day CHG~0.00%
Published-17 Dec, 2014 | 11:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

arch/x86/kernel/entry_64.S in the Linux kernel before 3.17.5 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to gain privileges by triggering an IRET instruction that leads to access to a GS Base address from the wrong space.

Action-Not Available
Vendor-n/aCanonical Ltd.openSUSEGoogle LLCLinux Kernel Organization, IncSUSERed Hat, Inc.
Product-evergreenubuntu_linuxsuse_linux_enterprise_serverenterprise_linux_eusandroidlinux_kerneln/a
CWE ID-CWE-269
Improper Privilege Management
CVE-2015-3151
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.56% / 42.48%
||
7 Day CHG~0.00%
Published-14 Jan, 2020 | 17:47
Updated-06 Aug, 2024 | 05:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method.

Action-Not Available
Vendor-Red Hat, Inc.ABRT
Product-automatic_bug_reporting_toolABRT
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2015-3246
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-6.85% / 93.26%
||
7 Day CHG~0.00%
Published-11 Aug, 2015 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libuser before 0.56.13-8 and 0.60 before 0.60-7, as used in the userhelper program in the usermode package, directly modifies /etc/passwd, which allows local users to cause a denial of service (inconsistent file state) by causing an error during the modification. NOTE: this issue can be combined with CVE-2015-3245 to gain privileges.

Action-Not Available
Vendor-n/aRed Hat, Inc.
Product-libusern/a
CVE-1999-0297
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.40% / 31.96%
||
7 Day CHG~0.00%
Published-04 Jan, 2000 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Vixie Cron library up to version 3.0 allows local users to obtain root access via a long environmental variable.

Action-Not Available
Vendor-paul_vixiebsdin/aFreeBSD FoundationRed Hat, Inc.NetBSD
Product-linuxbsd_osvixie_cronfreebsdnetbsdn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • Next
Details not found