Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

u-root u-root vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2020-7666
This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path traversal attacks in cpio file extraction.
U-root U-root
5
CVSSv2
CVE-2020-7665
This affects all versions of package github.com/u-root/u-root/pkg/uzip. It is vulnerable to both leading and non-leading relative path traversal attacks in zip file extraction.
U-root U-root
5
CVSSv2
CVE-2020-7669
This affects all versions of package github.com/u-root/u-root/pkg/tarutil. It is vulnerable to both leading and non-leading relative path traversal attacks in tar file extraction.
U-root U-root
3.3
CVSSv2
CVE-2010-2022
jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations.
Freebsd Freebsd 8.0Freebsd Freebsd 8.1-prerelease
10
CVSSv2
CVE-2007-2429
ManageEngine PasswordManager Pro (PMP) allows remote malicious users to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of t...
Manageengine Passwordmanager Pro
6.2
CVSSv2
CVE-2010-2956
Sudo 1.7.0 up to and including 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
Todd Miller Sudo 1.7.2p5Todd Miller Sudo 1.7.0Todd Miller Sudo 1.7.2p6Todd Miller Sudo 1.7.2Todd Miller Sudo 1.7.2p1Todd Miller Sudo 1.7.4p1Todd Miller Sudo 1.7.4Todd Miller Sudo 1.7.2p3Todd Miller Sudo 1.7.3b1Todd Miller Sudo 1.7.2p7Todd Miller Sudo 1.7.4p3Todd Miller Sudo 1.7.4p2Todd Miller Sudo 1.7.2p2Todd Miller Sudo 1.7.2p4Todd Miller Sudo 1.7.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463CVE-2024-29895injectCVE-2023-52689CVE-2024-5049CVE-2024-5051privilege escalationphysicalCVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook