Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
u-root u-root vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2020-7666
This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path traversal attacks in cpio file extraction.
U-root U-root
7.5
CVSSv3
CVE-2020-7665
This affects all versions of package github.com/u-root/u-root/pkg/uzip. It is vulnerable to both leading and non-leading relative path traversal attacks in zip file extraction.
U-root U-root
7.5
CVSSv3
CVE-2020-7669
This affects all versions of package github.com/u-root/u-root/pkg/tarutil. It is vulnerable to both leading and non-leading relative path traversal attacks in tar file extraction.
U-root U-root
NA
CVE-2010-2022
jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations.
Freebsd Freebsd 8.0
Freebsd Freebsd 8.1-prerelease
NA
CVE-2007-2429
ManageEngine PasswordManager Pro (PMP) allows remote malicious users to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of t...
Manageengine Passwordmanager Pro
1 EDB exploit
NA
CVE-2010-2956
Sudo 1.7.0 up to and including 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
Todd Miller Sudo 1.7.2p5
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.7.2p6
Todd Miller Sudo 1.7.2
Todd Miller Sudo 1.7.2p1
Todd Miller Sudo 1.7.4p1
Todd Miller Sudo 1.7.4
Todd Miller Sudo 1.7.2p3
Todd Miller Sudo 1.7.3b1
Todd Miller Sudo 1.7.2p7
Todd Miller Sudo 1.7.4p3
Todd Miller Sudo 1.7.4p2
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.7.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started