Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suid vulnerabilities and exploits
(subscribe to this query)
3.3
CVSSv3
CVE-2022-37703
In Amanda 3.5.1, an information leak vulnerability was found in the calcsize SUID binary. An attacker can abuse this vulnerability to know if a directory exists or not anywhere in the fs. The binary will use `opendir()` as root directly without checking the path, letting the atta...
Amanda Amanda 3.5.1
NA
CVE-2003-1040
kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod.
Linux Linux Kernel 2.4.0
NA
CVE-2005-3546
suid.cgi scripts in F-Secure (1) Internet Gatekeeper for Linux prior to 2.15.484 and (2) Anti-Virus Linux Gateway prior to 2.16 are installed SUID with world-executable permissions, which allows local users to gain privilege.
F-secure F-secure Anti-virus
F-secure Internet Gatekeeper
1 EDB exploit
NA
CVE-2006-2183
Untrusted search path vulnerability in Truecrypt 4.1, when running suid root on Linux, allows local users to execute arbitrary commands and gain privileges via a modified PATH environment variable that references a malicious mount command.
Truecrypt Foundation Truecrypt 4.1
6.7
CVSSv3
CVE-2009-1142
An issue exists in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled.
Vmware Open Vm Tools 2009.03.18-154848
7.8
CVSSv3
CVE-2022-29849
In Progress OpenEdge prior to 11.7.14 and 12.x prior to 12.2.9, certain SUID binaries within the OpenEdge application were susceptible to privilege escalation. If exploited, a local attacker could elevate their privileges and compromise the affected system.
Progress Openedge
7.8
CVSSv3
CVE-2017-16777
If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root.
Hashicorp Vagrant 5.0.3
1 EDB exploit
9.8
CVSSv3
CVE-2019-19905
NetHack 3.6.x prior to 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files.
Nethack Nethack
NA
CVE-2003-1426
Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious o...
Cpanel Cpanel 5.0
7.8
CVSSv3
CVE-2018-18860
A local privilege escalation vulnerability has been identified in the SwitchVPN client 2.1012.03 for macOS. Due to over-permissive configuration settings and a SUID binary, an attacker is able to execute arbitrary binaries as root.
Switchvpn Switchvpn 2.1012.03
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »