superuser vulnerabilities and exploits
1000
VMScore
CVE-2003-0722
The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote malicious users to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.
Sun Solaris
2 EDB exploits
685
VMScore
CVE-2020-16134
An issue exists on Swisscom Internet Box 2, Internet Box Standard, Internet Box Plus before 10.04.38, Internet Box 3 before 11.01.20, and Internet Box light before 08.06.06. Given the (user-configurable) credentials for the local Web interface or physical access to a device'...
Swisscom Internet-box 2 Firmware
Swisscom Internet-box Standard Firmware
Swisscom Internet-box Plus Firmware
Swisscom Internet-box 3 Firmware
Swisscom Internet-box Light Firmware
NA
CVE-2024-0985
Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the command issuer. The command intends to run SQL functions as the owner of the materialized view, enabling safe refresh of untrusted materi...
Postgresql Postgresql
655
VMScore
CVE-2017-15276
OpenText Documentum Content Server (formerly EMC Documentum Content Server) up to and including 7.3 contains the following design gap, which allows an authenticated user to gain superuser privileges: Content Server allows uploading content using batches (TAR archives). When unpac...
Opentext Documentum Content Server
1 EDB exploit
NA
CVE-2020-21469
An issue in PostgreSQL 12.2 allows malicious users to cause a denial of service via repeatedly sending SIGHUP signals. NOTE: this is disputed by the vendor because untrusted users cannot send SIGHUP signals; they can only be sent by a PostgreSQL superuser, a user with pg_r...
Postgresql Postgresql 12.2
890
VMScore
CVE-2020-9409
The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an unauthenticated malicious user to ob...
Tibco Jasperreports Server
Oracle Retail Order Broker 15.0
Oracle Retail Order Broker 16.0
NA
CVE-2023-41113
An issue exists in EnterpriseDB Postgres Advanced Server (EPAS) prior to 11.21.32, 12.x prior to 12.16.20, 13.x prior to 13.12.16, 14.x prior to 14.9.0, and 15.x prior to 15.4.0. It allows an authenticated user to obtain information about whether certain files exist on disk, w...
Enterprisedb Postgres Advanced Server
578
VMScore
CVE-2020-25695
A flaw was found in PostgreSQL versions prior to 13.1, prior to 12.5, prior to 11.10, prior to 10.15, prior to 9.6.20 and prior to 9.5.24. An attacker having permission to create non-temporary objects in at least one schema can execute arbitrary SQL functions under the identity o...
Postgresql Postgresql
Debian Debian Linux 9.0
1 Github repository
NA
CVE-2024-2339
PostgreSQL Anonymizer v1.2 contains a vulnerability that allows a user who owns a table to elevate to superuser. A user can define a masking function for a column and place malicious code in that function. When a privileged user applies the masking rules using the static masking ...
1000
VMScore
CVE-2003-0240
The web-based administration capability for various Axis Network Camera products allows remote malicious users to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash).
Axis 2110 Network Camera
Axis 2120 Network Camera
Axis 2100 Network Camera
Axis 250s Video Server
Axis 2130 Ptz Network Camera
Axis 2400 Video Server
Axis 2401 Video Server
Axis 2420 Network Camera
Axis 2460 Network Dvr
1 EDB exploit