Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suid vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4227
MySQL prior to 5.0.25 and 5.1 prior to 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available...
Mysql Mysql 5.0.3
Mysql Mysql 5.0.24
Mysql Mysql 5.0.2
Mysql Mysql 5.0.22.1.0.1
Mysql Mysql 5.0.20
Mysql Mysql 5.0.1
Mysql Mysql 5.0.4
Mysql Mysql 5.1.5
Oracle Mysql 5.0.0
Oracle Mysql 5.1.6
Oracle Mysql 5.1.9
Oracle Mysql 5.1.10
1 EDB exploit
NA
CVE-2010-2059
lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM prior to 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link t...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 4.4.2
Rpm Rpm 1.4.2/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
NA
CVE-2001-0169
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
Mandrakesoft Mandrake Linux 7.2
Trustix Secure Linux 1.1
Redhat Linux 6.1
Redhat Linux 6.2
Mandrakesoft Mandrake Linux 7.0
Redhat Linux 6.0
Mandrakesoft Mandrake Linux Corporate Server 1.0.1
Turbolinux Turbolinux
Mandrakesoft Mandrake Linux 7.1
Mandrakesoft Mandrake Linux 6.0
Turbolinux Turbolinux 6.1
Trustix Secure Linux 1.2
Mandrakesoft Mandrake Linux 6.1
1 EDB exploit
9.8
CVSSv3
CVE-2022-30525
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 up to and including 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 up to and including 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 up to and including 5.21 Patch 1, US...
Zyxel Usg Flex 100w Firmware
Zyxel Usg Flex 200 Firmware
Zyxel Usg Flex 500 Firmware
Zyxel Usg Flex 700 Firmware
Zyxel Vpn100 Firmware
Zyxel Vpn1000 Firmware
Zyxel Vpn300 Firmware
Zyxel Vpn50 Firmware
Zyxel Atp100 Firmware
Zyxel Atp100w Firmware
Zyxel Atp200 Firmware
Zyxel Atp500 Firmware
Zyxel Atp700 Firmware
Zyxel Atp800 Firmware
Zyxel Usg Flex 50w Firmware
Zyxel Usg20w-vpn Firmware
1 Metasploit module
17 Github repositories
NA
CVE-2004-0806
cdrecord in the cdrtools package prior to 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges.
Cdrtools Cdrecord 1.11
Cdrtools Cdrecord 2.0
2 EDB exploits
1 Github repository
7
CVSSv3
CVE-2016-1757
Race condition in the kernel in Apple iOS prior to 9.3 and OS X prior to 10.11.4 allows malicious users to execute arbitrary code in a privileged context via a crafted app.
Apple Iphone Os
Apple Mac Os X
2 EDB exploits
6 Github repositories
1 Article
NA
CVE-2003-0462
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
Mandrakesoft Mandrake Multi Network Firewall 8.2
Linux Linux Kernel 2.4.15
Linux Linux Kernel 2.4.11
Mandrakesoft Mandrake Linux 8.2
Mandrakesoft Mandrake Linux Corporate Server 2.1
Linux Linux Kernel 2.4.12
Linux Linux Kernel 2.4.13
Linux Linux Kernel 2.4.17
Linux Linux Kernel 2.4.21
Linux Linux Kernel 2.4.7
Linux Linux Kernel 2.4.9
Mandrakesoft Mandrake Linux 9.0
Linux Linux Kernel 2.4.10
Linux Linux Kernel 2.4.0
Linux Linux Kernel 2.4.2
Linux Linux Kernel 2.4.16
Linux Linux Kernel 2.4.8
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.14
Linux Linux Kernel 2.4.5
Linux Linux Kernel 2.4.18
Linux Linux Kernel 2.4.3
1 EDB exploit
NA
CVE-2000-0824
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as ...
Gnu Glibc 2.1.1
1 EDB exploit
7
CVSSv3
CVE-2021-3864
A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value ...
Linux Linux Kernel -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 9.0
2 Github repositories
NA
CVE-2012-0056
The mem_write function in the Linux kernel prior to 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc/<pid>/mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper.
Linux Linux Kernel
2 EDB exploits
25 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »