Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
u-root u-root vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2020-7666
This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path traversal attacks in cpio file extraction.
U-root U-root
5
CVSSv2
CVE-2020-7665
This affects all versions of package github.com/u-root/u-root/pkg/uzip. It is vulnerable to both leading and non-leading relative path traversal attacks in zip file extraction.
U-root U-root
5
CVSSv2
CVE-2020-7669
This affects all versions of package github.com/u-root/u-root/pkg/tarutil. It is vulnerable to both leading and non-leading relative path traversal attacks in tar file extraction.
U-root U-root
3.3
CVSSv2
CVE-2010-2022
jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations.
Freebsd Freebsd 8.0
Freebsd Freebsd 8.1-prerelease
10
CVSSv2
CVE-2007-2429
ManageEngine PasswordManager Pro (PMP) allows remote malicious users to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of t...
Manageengine Passwordmanager Pro
1 EDB exploit
6.2
CVSSv2
CVE-2010-2956
Sudo 1.7.0 up to and including 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
Todd Miller Sudo 1.7.2p5
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.7.2p6
Todd Miller Sudo 1.7.2
Todd Miller Sudo 1.7.2p1
Todd Miller Sudo 1.7.4p1
Todd Miller Sudo 1.7.4
Todd Miller Sudo 1.7.2p3
Todd Miller Sudo 1.7.3b1
Todd Miller Sudo 1.7.2p7
Todd Miller Sudo 1.7.4p3
Todd Miller Sudo 1.7.4p2
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.7.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started