Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-8849

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-17 May, 2017 | 14:00
Updated At-05 Aug, 2024 | 16:48
Rejected At-
Credits

smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:17 May, 2017 | 14:00
Updated At:05 Aug, 2024 | 16:48
Rejected At:
▼CVE Numbering Authority (CNA)

smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000e
x_refsource_CONFIRM
https://www.exploit-db.com/exploits/42053/
exploit
x_refsource_EXPLOIT-DB
https://bugzilla.redhat.com/show_bug.cgi?id=1449656
x_refsource_CONFIRM
http://www.debian.org/security/2017/dsa-3951
vendor-advisory
x_refsource_DEBIAN
https://security.gentoo.org/glsa/201705-14
vendor-advisory
x_refsource_GENTOO
https://www.kde.org/info/security/advisory-20170510-2.txt
x_refsource_CONFIRM
https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cce
x_refsource_CONFIRM
http://www.securityfocus.com/bid/98690
vdb-entry
x_refsource_BID
http://www.openwall.com/lists/oss-security/2017/05/10/3
mailing-list
x_refsource_MLIST
http://www.securityfocus.com/bid/98737
vdb-entry
x_refsource_BID
Hyperlink: https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000e
Resource:
x_refsource_CONFIRM
Hyperlink: https://www.exploit-db.com/exploits/42053/
Resource:
exploit
x_refsource_EXPLOIT-DB
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1449656
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.debian.org/security/2017/dsa-3951
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: https://security.gentoo.org/glsa/201705-14
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://www.kde.org/info/security/advisory-20170510-2.txt
Resource:
x_refsource_CONFIRM
Hyperlink: https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cce
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.securityfocus.com/bid/98690
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.openwall.com/lists/oss-security/2017/05/10/3
Resource:
mailing-list
x_refsource_MLIST
Hyperlink: http://www.securityfocus.com/bid/98737
Resource:
vdb-entry
x_refsource_BID
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000e
x_refsource_CONFIRM
x_transferred
https://www.exploit-db.com/exploits/42053/
exploit
x_refsource_EXPLOIT-DB
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=1449656
x_refsource_CONFIRM
x_transferred
http://www.debian.org/security/2017/dsa-3951
vendor-advisory
x_refsource_DEBIAN
x_transferred
https://security.gentoo.org/glsa/201705-14
vendor-advisory
x_refsource_GENTOO
x_transferred
https://www.kde.org/info/security/advisory-20170510-2.txt
x_refsource_CONFIRM
x_transferred
https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cce
x_refsource_CONFIRM
x_transferred
http://www.securityfocus.com/bid/98690
vdb-entry
x_refsource_BID
x_transferred
http://www.openwall.com/lists/oss-security/2017/05/10/3
mailing-list
x_refsource_MLIST
x_transferred
http://www.securityfocus.com/bid/98737
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000e
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://www.exploit-db.com/exploits/42053/
Resource:
exploit
x_refsource_EXPLOIT-DB
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1449656
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.debian.org/security/2017/dsa-3951
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: https://security.gentoo.org/glsa/201705-14
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://www.kde.org/info/security/advisory-20170510-2.txt
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cce
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.securityfocus.com/bid/98690
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2017/05/10/3
Resource:
mailing-list
x_refsource_MLIST
x_transferred
Hyperlink: http://www.securityfocus.com/bid/98737
Resource:
vdb-entry
x_refsource_BID
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:17 May, 2017 | 14:29
Updated At:13 May, 2026 | 00:24

smb4k before 2.0.1 allows local users to gain root privileges by leveraging failure to verify arguments to the mount helper DBUS service.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches

smb4k_project
smb4k_project
>>smb4k>>Versions up to 2.0.0(inclusive)
cpe:2.3:a:smb4k_project:smb4k:*:*:*:*:*:*:*:*
Debian GNU/Linux
debian
>>debian_linux>>8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-20Primarynvd@nist.gov
CWE ID: CWE-20
Type: Primary
Source: nvd@nist.gov
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
http://www.debian.org/security/2017/dsa-3951cve@mitre.org
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/05/10/3cve@mitre.org
Exploit
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/98690cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/98737cve@mitre.org
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1449656cve@mitre.org
Issue Tracking
Patch
Third Party Advisory
VDB Entry
https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83ccecve@mitre.org
Patch
Third Party Advisory
https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000ecve@mitre.org
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201705-14cve@mitre.org
Third Party Advisory
https://www.exploit-db.com/exploits/42053/cve@mitre.org
Exploit
Third Party Advisory
VDB Entry
https://www.kde.org/info/security/advisory-20170510-2.txtcve@mitre.org
Third Party Advisory
http://www.debian.org/security/2017/dsa-3951af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.openwall.com/lists/oss-security/2017/05/10/3af854a3a-2127-422b-91ae-364da2661108
Exploit
Mailing List
Patch
Third Party Advisory
http://www.securityfocus.com/bid/98690af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/98737af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1449656af854a3a-2127-422b-91ae-364da2661108
Issue Tracking
Patch
Third Party Advisory
VDB Entry
https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cceaf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000eaf854a3a-2127-422b-91ae-364da2661108
Patch
Third Party Advisory
https://security.gentoo.org/glsa/201705-14af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.exploit-db.com/exploits/42053/af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
VDB Entry
https://www.kde.org/info/security/advisory-20170510-2.txtaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Hyperlink: http://www.debian.org/security/2017/dsa-3951
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2017/05/10/3
Source: cve@mitre.org
Resource:
Exploit
Mailing List
Patch
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/98690
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/98737
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1449656
Source: cve@mitre.org
Resource:
Issue Tracking
Patch
Third Party Advisory
VDB Entry
Hyperlink: https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cce
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
Hyperlink: https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000e
Source: cve@mitre.org
Resource:
Patch
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201705-14
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://www.exploit-db.com/exploits/42053/
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
VDB Entry
Hyperlink: https://www.kde.org/info/security/advisory-20170510-2.txt
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2017/dsa-3951
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2017/05/10/3
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Mailing List
Patch
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/98690
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/98737
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=1449656
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Issue Tracking
Patch
Third Party Advisory
VDB Entry
Hyperlink: https://cgit.kde.org/smb4k.git/commit/?id=71554140bdaede27b95dbe4c9b5a028a83c83cce
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: https://cgit.kde.org/smb4k.git/commit/?id=a90289b0962663bc1d247bbbd31b9e65b2ca000e
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Third Party Advisory
Hyperlink: https://security.gentoo.org/glsa/201705-14
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.exploit-db.com/exploits/42053/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
VDB Entry
Hyperlink: https://www.kde.org/info/security/advisory-20170510-2.txt
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1335Records found

CVE-2018-16276
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.44% / 35.29%
||
7 Day CHG~0.00%
Published-31 Aug, 2018 | 16:00
Updated-05 Aug, 2024 | 10:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-17182
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-3.21% / 86.60%
||
7 Day CHG~0.00%
Published-19 Sep, 2018 | 09:00
Updated-05 Aug, 2024 | 10:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain thread creation, map, unmap, invalidation, and dereference operations.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kernelactive_iq_performance_analytics_serviceselement_softwaren/a
CWE ID-CWE-416
Use After Free
CVE-2018-16741
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.32% / 67.43%
||
7 Day CHG~0.00%
Published-13 Sep, 2018 | 16:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate() does not properly sanitize shell metacharacters to prevent command injection. It is possible to use the ||, &&, or > characters within a file created by the "faxq-helper activate <jobid>" command.

Action-Not Available
Vendor-mgetty_projectn/aDebian GNU/Linux
Product-debian_linuxmgettyn/a
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-16837
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.35% / 27.41%
||
7 Day CHG~0.00%
Published-23 Oct, 2018 | 15:00
Updated-05 Aug, 2024 | 10:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ansible "User" module leaks any data which is passed on as a parameter to ssh-keygen. This could lean in undesirable situations such as passphrases credentials passed as a parameter for the ssh-keygen executable. Showing those credentials in clear text form for every user which have access just to the process list.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.Debian GNU/LinuxSUSE
Product-debian_linuxlinux_enterprisepackage_hubansible_engineansible_towerAnsible
CWE ID-CWE-214
Invocation of Process Using Visible Sensitive Information
CWE ID-CWE-311
Missing Encryption of Sensitive Data
CVE-2022-0729
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
ShareView Details
Matching Score-8
Assigner-Protect AI (formerly huntr.dev)
CVSS Score-7.8||HIGH
EPSS-1.62% / 73.17%
||
7 Day CHG~0.00%
Published-23 Feb, 2022 | 00:00
Updated-02 Aug, 2024 | 23:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Use of Out-of-range Pointer Offset in vim/vim

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440.

Action-Not Available
Vendor-VimFedora ProjectDebian GNU/LinuxApple Inc.
Product-vimdebian_linuxmacosfedoravim/vim
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2005-0102
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-3.18% / 86.50%
||
7 Day CHG~0.00%
Published-29 Jan, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in camel-lock-helper in Evolution 2.0.2 and earlier allows local users or remote malicious POP3 servers to execute arbitrary code via a length value of -1, which leads to a zero byte memory allocation and a buffer overflow.

Action-Not Available
Vendor-n/aDebian GNU/LinuxThe GNOME Project
Product-debian_linuxevolutionn/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2005-0076
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.45% / 35.94%
||
7 Day CHG~0.00%
Published-10 Feb, 2005 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the XView library 3.2 may allow local users to execute arbitrary code via setuid applications that use the library.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-debian_linuxn/a
CVE-2018-11506
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 30.51%
||
7 Day CHG~0.00%
Published-28 May, 2018 | 04:00
Updated-05 Aug, 2024 | 08:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2004-2768
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.41% / 32.97%
||
7 Day CHG~0.00%
Published-08 Jun, 2010 | 18:00
Updated-29 Apr, 2026 | 01:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dpkg 1.9.21 does not properly reset the metadata of a file during replacement of the file in a package upgrade, which might allow local users to gain privileges by creating a hard link to a vulnerable (1) setuid file, (2) setgid file, or (3) device, a related issue to CVE-2010-2059.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-dpkgn/a
CVE-2004-1076
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.65% / 46.75%
||
7 Day CHG~0.00%
Published-08 Dec, 2004 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the RtConfigLoad function in rt-config.c for Atari800 before 1.3.4 allow local users to execute arbitrary code via large values in the configuration file.

Action-Not Available
Vendor-atari800n/aDebian GNU/Linux
Product-debian_linuxatari800n/a
CVE-2018-14665
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.6||MEDIUM
EPSS-27.04% / 97.80%
||
7 Day CHG~0.00%
Published-25 Oct, 2018 | 20:00
Updated-29 Aug, 2025 | 13:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log in to the system via physical console to escalate their privileges and run arbitrary code under root privileges.

Action-Not Available
Vendor-n/aDebian GNU/LinuxRed Hat, Inc.X.Org FoundationCanonical Ltd.
Product-debian_linuxenterprise_linux_desktopenterprise_linux_server_ausx_serverenterprise_linux_serverubuntu_linuxenterprise_linux_workstationenterprise_linux_server_eusenterprise_linux_server_tusn/a
CWE ID-CWE-863
Incorrect Authorization
CVE-2018-14678
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.41% / 32.84%
||
7 Day CHG~0.00%
Published-28 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges.

Action-Not Available
Vendor-n/aXen ProjectLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxxendebian_linuxlinux_kerneln/a
CWE ID-CWE-665
Improper Initialization
CVE-2004-0579
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.43% / 34.47%
||
7 Day CHG~0.00%
Published-23 Jun, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.

Action-Not Available
Vendor-william_deichn/aDebian GNU/Linux
Product-debian_linuxsupern/a
CVE-2018-14734
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.57% / 42.83%
||
7 Day CHG~0.00%
Published-29 Jul, 2018 | 16:00
Updated-05 Aug, 2024 | 09:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-416
Use After Free
CVE-2004-0455
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.52% / 40.18%
||
7 Day CHG~0.00%
Published-30 Jun, 2004 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.

Action-Not Available
Vendor-www-sql_projectn/aDebian GNU/Linux
Product-debian_linuxwww-sqln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-4197
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.54% / 41.48%
||
7 Day CHG~0.00%
Published-23 Mar, 2022 | 19:46
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncBroadcom Inc.NetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-debian_linuxlinux_kernelh500sh410s_firmwareh700s_firmwareh300s_firmwareh500s_firmwareh410c_firmwarecommunications_cloud_native_core_binding_support_functionh410sh410ch300sh700sbrocade_fabric_operating_system_firmwarekernel
CWE ID-CWE-287
Improper Authentication
CVE-2003-0308
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.40% / 31.79%
||
7 Day CHG~0.00%
Published-17 May, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.

Action-Not Available
Vendor-sendmailn/aDebian GNU/Linux
Product-sendmaildebian_linuxn/a
CVE-2021-4011
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.56% / 42.79%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SwapCreateRegister function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectX.Org Foundation
Product-debian_linuxfedorax_serverxorg-x11-server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-4009
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.57% / 43.05%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcXFixesCreatePointerBarrier function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectX.Org Foundation
Product-debian_linuxfedorax_serverxorg-x11-server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-13406
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.53% / 40.97%
||
7 Day CHG~0.00%
Published-06 Jul, 2018 | 14:00
Updated-05 Aug, 2024 | 09:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-41103
Matching Score-8
Assigner-GitHub, Inc.
ShareView Details
Matching Score-8
Assigner-GitHub, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.48% / 38.08%
||
7 Day CHG~0.00%
Published-04 Oct, 2021 | 00:00
Updated-04 Aug, 2024 | 02:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insufficiently restricted permissions on plugin directories

containerd is an open source container runtime with an emphasis on simplicity, robustness and portability. A bug was found in containerd where container root directories and some plugins had insufficiently restricted permissions, allowing otherwise unprivileged Linux users to traverse directory contents and execute programs. When containers included executable programs with extended permission bits (such as setuid), unprivileged Linux users could discover and execute those programs. When the UID of an unprivileged Linux user on the host collided with the file owner or group inside a container, the unprivileged Linux user on the host could discover, read, and modify those files. This vulnerability has been fixed in containerd 1.4.11 and containerd 1.5.7. Users should update to these version when they are released and may restart containers or update directory permissions to mitigate the vulnerability. Users unable to update should limit access to the host to trusted users. Update directory permission on container bundles directories.

Action-Not Available
Vendor-containerdDebian GNU/LinuxFedora ProjectThe Linux Foundation
Product-containerddebian_linuxfedoracontainerd
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-42771
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.72% / 49.25%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 20:05
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files (containing serialized Python objects) via directory traversal, leading to code execution.

Action-Not Available
Vendor-pocoon/aDebian GNU/Linux
Product-babeldebian_linuxn/a
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2021-41073
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.69% / 74.30%
||
7 Day CHG~0.00%
Published-19 Sep, 2021 | 16:02
Updated-04 Aug, 2024 | 02:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Fedora ProjectDebian GNU/Linux
Product-h300eh500scloud_backuph410c_firmwareh300s_firmwareh410sh300ssolidfire_baseboard_management_controllerh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareh700eh410ch700e_firmwareh700sn/a
CWE ID-CWE-763
Release of Invalid Pointer or Reference
CVE-2021-4010
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.57% / 43.05%
||
7 Day CHG~0.00%
Published-17 Dec, 2021 | 00:00
Updated-03 Aug, 2024 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in xorg-x11-server in versions before 21.1.2 and before 1.20.14. An out-of-bounds access can occur in the SProcScreenSaverSuspend function. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aDebian GNU/LinuxFedora ProjectX.Org Foundation
Product-debian_linuxfedorax_serverxorg-x11-server
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2021-3760
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.35% / 27.45%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 18:35
Updated-03 Aug, 2024 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity, and system availability.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Fedora ProjectDebian GNU/Linux
Product-h300eh500sh300s_firmwareh410c_firmwareh410sh300sh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwareh700eh410ch700e_firmwareh700skernel
CWE ID-CWE-416
Use After Free
CVE-2018-11806
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.82% / 52.86%
||
7 Day CHG~0.00%
Published-13 Jun, 2018 | 16:00
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams.

Action-Not Available
Vendor-n/aQEMUCanonical Ltd.Debian GNU/LinuxRed Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxvirtualizationdebian_linuxenterprise_linux_server_ausenterprise_linux_workstationqemuopenstackenterprise_linuxenterprise_linux_eusenterprise_linux_server_tusenterprise_linux_desktopn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-12379
Matching Score-8
Assigner-Mozilla Corporation
ShareView Details
Matching Score-8
Assigner-Mozilla Corporation
CVSS Score-7.8||HIGH
EPSS-0.39% / 31.25%
||
7 Day CHG~0.00%
Published-18 Oct, 2018 | 13:00
Updated-25 Nov, 2025 | 17:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1.

Action-Not Available
Vendor-Mozilla CorporationDebian GNU/LinuxRed Hat, Inc.
Product-thunderbirdenterprise_linux_server_tusfirefoxenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_serverdebian_linuxenterprise_linux_workstationenterprise_linux_server_ausFirefoxFirefox ESRThunderbird
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-11805
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-6.7||MEDIUM
EPSS-0.87% / 54.41%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 22:11
Updated-05 Aug, 2024 | 08:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Apache SpamAssassin before 3.4.3, nefarious CF files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA 3.4.3, we recommend that users should only use update channels or 3rd party .cf files from trusted places.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/Linux
Product-debian_linuxspamassassinApache SpamAssassin
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-11781
Matching Score-8
Assigner-Apache Software Foundation
ShareView Details
Matching Score-8
Assigner-Apache Software Foundation
CVSS Score-7.8||HIGH
EPSS-0.98% / 58.03%
||
7 Day CHG~0.00%
Published-17 Sep, 2018 | 14:00
Updated-16 Sep, 2024 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax.

Action-Not Available
Vendor-Canonical Ltd.The Apache Software FoundationRed Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxspamassassinenterprise_linux_server_eusenterprise_linux_workstationenterprise_linux_desktopApache SpamAssassin
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2018-1083
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.63% / 45.67%
||
7 Day CHG~0.00%
Published-28 Mar, 2018 | 13:00
Updated-16 Sep, 2024 | 18:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. A local unprivileged user can create a specially crafted directory path which leads to code execution in the context of the user who tries to use autocomplete to traverse the before mentioned path. If the user affected is privileged, this leads to privilege escalation.

Action-Not Available
Vendor-zshzshCanonical Ltd.Red Hat, Inc.Debian GNU/Linux
Product-enterprise_linux_serverubuntu_linuxdebian_linuxenterprise_linux_workstationzshenterprise_linux_desktopzsh
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2018-10879
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.2||MEDIUM
EPSS-0.86% / 54.09%
||
7 Day CHG~0.00%
Published-26 Jul, 2018 | 18:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_workstationenterprise_linuxenterprise_linux_desktopkernel
CWE ID-CWE-416
Use After Free
CVE-2021-3560
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-22.19% / 97.38%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 00:00
Updated-06 Nov, 2025 | 14:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-06-02||Apply updates per vendor instructions.

It was found that polkit could be tricked into bypassing the credential checks for D-Bus requests, elevating the privileges of the requestor to the root user. This flaw could be used by an unprivileged local attacker to, for example, create a new local administrator. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-polkit_projectn/aRed Hat, Inc.Canonical Ltd.Debian GNU/Linux
Product-ubuntu_linuxenterprise_linuxopenshift_container_platformvirtualizationvirtualization_hostdebian_linuxpolkitpolkitPolkit
CWE ID-CWE-754
Improper Check for Unusual or Exceptional Conditions
CWE ID-CWE-863
Incorrect Authorization
CVE-2018-10900
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-5.06% / 91.28%
||
7 Day CHG~0.00%
Published-26 Jul, 2018 | 15:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root.

Action-Not Available
Vendor-[UNKNOWN]The GNOME ProjectDebian GNU/Linux
Product-network_manager_vpncdebian_linuxnetworkmanager-vpnc
CWE ID-CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2018-10380
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 34.85%
||
7 Day CHG~0.00%
Published-08 May, 2018 | 08:00
Updated-05 Aug, 2024 | 07:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.

Action-Not Available
Vendor-n/aKDEDebian GNU/LinuxopenSUSE
Product-plasmadebian_linuxleapn/a
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2018-10875
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.59% / 43.79%
||
7 Day CHG~0.00%
Published-13 Jul, 2018 | 22:00
Updated-05 Aug, 2024 | 07:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.

Action-Not Available
Vendor-[UNKNOWN]Red Hat, Inc.SUSEDebian GNU/LinuxCanonical Ltd.
Product-ceph_storageubuntu_linuxvirtualizationdebian_linuxopenshiftopenstackvirtualization_hostsuse_linux_enterprise_serverpackage_hubgluster_storageansible_engineansible
CWE ID-CWE-426
Untrusted Search Path
CVE-2018-10982
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.49% / 38.51%
||
7 Day CHG~0.00%
Published-10 May, 2018 | 23:00
Updated-05 Aug, 2024 | 07:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.

Action-Not Available
Vendor-n/aDebian GNU/LinuxXen Project
Product-xendebian_linuxn/a
CVE-2018-1087
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-8||HIGH
EPSS-0.77% / 51.21%
||
7 Day CHG~0.00%
Published-15 May, 2018 | 16:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.

Action-Not Available
Vendor-Linux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.Canonical Ltd.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationenterprise_linuxenterprise_linux_server_tusenterprise_linux_virtualizationenterprise_linux_desktopKVM
CWE ID-CWE-250
Execution with Unnecessary Privileges
CVE-2018-1068
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.45% / 36.07%
||
7 Day CHG~0.00%
Published-16 Mar, 2018 | 16:00
Updated-16 Sep, 2024 | 16:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

Action-Not Available
Vendor-Linux Kernel Organization, Inc.Linux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxdebian_linuxlinux_kernelenterprise_linux_server_eusenterprise_linux_server_ausenterprise_linux_workstationvirtualization_hostenterprise_linux_server_tusenterprise_linux_desktopLinux Kernel
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2003-0385
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.86% / 53.97%
||
7 Day CHG~0.00%
Published-10 Jun, 2003 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option.

Action-Not Available
Vendor-n/aDebian GNU/Linux
Product-debian_linuxn/a
CVE-2017-9075
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.37% / 28.59%
||
7 Day CHG~0.00%
Published-19 May, 2017 | 06:25
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system calls, a related issue to CVE-2017-8890.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-debian_linuxlinux_kerneln/a
CVE-2017-8890
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-1.37% / 68.61%
||
7 Day CHG~0.00%
Published-10 May, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the Linux kernel through 4.10.15 allows attackers to cause a denial of service (double free) or possibly have unspecified other impact by leveraging use of the accept system call.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-debian_linuxlinux_kerneln/a
CWE ID-CWE-415
Double Free
CVE-2017-9780
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.36% / 27.50%
||
7 Day CHG~0.00%
Published-21 Jun, 2017 | 15:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable or write to the world-writable location. In the case of the "system helper" component, files deployed as part of the app are owned by root, so in the worst case they could be setuid root.

Action-Not Available
Vendor-flatpakn/aDebian GNU/Linux
Product-debian_linuxflatpakn/a
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2017-7980
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.62% / 45.59%
||
7 Day CHG~0.00%
Published-25 Jul, 2017 | 14:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Cirrus CLGD 54xx VGA Emulator in Quick Emulator (Qemu) 2.8 and earlier allows local guest OS users to execute arbitrary code or cause a denial of service (crash) via vectors related to a VNC client updating its display after a VGA operation.

Action-Not Available
Vendor-n/aCanonical Ltd.QEMURed Hat, Inc.Debian GNU/Linux
Product-debian_linuxubuntu_linuxenterprise_linux_serverqemuenterprise_linux_workstationenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_eusenterprise_linux_server_ausopenstackvirtualizationenterprise_linuxn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2017-7487
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.40% / 31.49%
||
7 Day CHG~0.00%
Published-14 May, 2017 | 22:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ipxitf_ioctl function in net/ipx/af_ipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a failed SIOCGIFADDR ioctl call for an IPX interface.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, Inc
Product-debian_linuxlinux_kernelLinux kernel through 4.11.1
CWE ID-CWE-416
Use After Free
CVE-2017-7482
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.1||HIGH
EPSS-0.47% / 37.56%
||
7 Day CHG~0.00%
Published-30 Jul, 2018 | 14:00
Updated-05 Aug, 2024 | 16:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This could possibly lead to memory corruption and possible privilege escalation.

Action-Not Available
Vendor-[UNKNOWN]Linux Kernel Organization, IncDebian GNU/LinuxRed Hat, Inc.
Product-linux_kerneldebian_linuxenterprise_mrgkernel:
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2001-0128
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.42% / 33.90%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.

Action-Not Available
Vendor-conectivazopen/aDebian GNU/LinuxMandriva (Mandrakesoft)FreeBSD FoundationRed Hat, Inc.
Product-debian_linuxlinuxzopemandrake_linuxfreebsdlinux_powertoolsn/a
CVE-2001-0111
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.26% / 66.12%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.

Action-Not Available
Vendor-sam_lantingan/aDebian GNU/Linux
Product-debian_linuxsplitvtn/a
CVE-2001-0193
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-1.06% / 60.50%
||
7 Day CHG~0.00%
Published-07 May, 2001 | 04:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.

Action-Not Available
Vendor-n/aDebian GNU/LinuxSUSE
Product-debian_linuxsuse_linuxn/a
CVE-2017-6964
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.47% / 37.25%
||
7 Day CHG~0.00%
Published-28 Mar, 2017 | 01:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

dmcrypt-get-device, as shipped in the eject package of Debian and Ubuntu, does not check the return value of the (1) setuid or (2) setgid function, which might cause dmcrypt-get-device to execute code, which was intended to run as an unprivileged user, as root. This affects eject through 2.1.5+deb1+cvs20081104-13.1 on Debian, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.10.1 on Ubuntu 16.10, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.16.04.1 on Ubuntu 16.04 LTS, eject before 2.1.5+deb1+cvs20081104-13.1ubuntu0.14.04.1 on Ubuntu 14.04 LTS, and eject before 2.1.5+deb1+cvs20081104-9ubuntu0.1 on Ubuntu 12.04 LTS.

Action-Not Available
Vendor-n/aCanonical Ltd.Debian GNU/Linux
Product-debian_linuxubuntu_linuxn/a
CWE ID-CWE-252
Unchecked Return Value
CVE-2000-0867
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.41% / 32.58%
||
7 Day CHG~0.00%
Published-22 Jan, 2001 | 05:00
Updated-16 Apr, 2026 | 00:27
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.

Action-Not Available
Vendor-trustixn/aDebian GNU/LinuxMandriva (Mandrakesoft)SlackwareRed Hat, Inc.
Product-debian_linuxlinuxmandrake_linuxsecure_linuxslackware_linuxn/a
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 26
  • 27
  • Next
Details not found