Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
u-root u-root vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2020-7665
This affects all versions of package github.com/u-root/u-root/pkg/uzip. It is vulnerable to both leading and non-leading relative path traversal attacks in zip file extraction.
U-root U-root
446
VMScore
CVE-2020-7666
This affects all versions of package github.com/u-root/u-root/pkg/cpio. It is vulnerable to leading, non-leading relative path traversal attacks and symlink based (relative and absolute) path traversal attacks in cpio file extraction.
U-root U-root
445
VMScore
CVE-2020-7669
This affects all versions of package github.com/u-root/u-root/pkg/tarutil. It is vulnerable to both leading and non-leading relative path traversal attacks in tar file extraction.
U-root U-root
294
VMScore
CVE-2010-2022
jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does not properly restrict access to the current working directory, which might allow local users to read, modify, or create arbitrary files via standard filesystem operations.
Freebsd Freebsd 8.0
Freebsd Freebsd 8.1-prerelease
1000
VMScore
CVE-2007-2429
ManageEngine PasswordManager Pro (PMP) allows remote malicious users to obtain administrative access to a database by injecting a certain command line for the mysql program, as demonstrated by the "-port 2345" and "-u root" arguments. NOTE: the provenance of t...
Manageengine Passwordmanager Pro
1 EDB exploit
552
VMScore
CVE-2010-2956
Sudo 1.7.0 up to and including 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u option in conjunction with the -g option, which allows local users to gain privileges via a command line containing a "-u root" sequence.
Todd Miller Sudo 1.7.2p5
Todd Miller Sudo 1.7.0
Todd Miller Sudo 1.7.2p6
Todd Miller Sudo 1.7.2
Todd Miller Sudo 1.7.2p1
Todd Miller Sudo 1.7.4p1
Todd Miller Sudo 1.7.4
Todd Miller Sudo 1.7.2p3
Todd Miller Sudo 1.7.3b1
Todd Miller Sudo 1.7.2p7
Todd Miller Sudo 1.7.4p3
Todd Miller Sudo 1.7.4p2
Todd Miller Sudo 1.7.2p2
Todd Miller Sudo 1.7.2p4
Todd Miller Sudo 1.7.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started