Vulmon
superuser vulnerabilities and exploits
8.3
CVSSv3
CVE-2019-7319
An issue exists in Cloudera Hue 6.0.0 up to and including 6.1.0. When using one of the following authentication backends: LdapBackend, PamBackend, SpnegoDjangoBackend, RemoteUserDjangoBackend, SAML2Backend, OpenIDBackend, or OAuthBackend, external users are created with superuser pri...
Cloudera Cdh 6.0.0
Cloudera Cdh 6.0.1
Cloudera Cdh 6.1.0
9.8
CVSSv3
CVE-2021-28152
Hongdian H8922 3.0.5 devices have an undocumented feature that allows access to a shell as a superuser. To connect, the telnet service is used on port 5188 with the default credentials of root:superzxmn.
Hongdian H8922 Firmware 3.0.5
8.8
CVSSv3
CVE-2018-1198
Pivotal Cloud Cache, versions before 1.3.1, prints a superuser password in plain text during BOSH deployment logs. A malicious user with access to the logs could escalate their privileges using this password.
Pivotal Software Pivotal Cloud Cache
8.8
CVSSv3
CVE-2022-43685
CKAN up to and including 2.9.6 allows account takeovers by unauthenticated users when an existing user id is sent via an HTTP POST request. This allows a user to take over an existing account, including superuser accounts.
Okfn Ckan
9.8
CVSSv3
CVE-2022-28812
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3, a remote, unauthenticated attacker could make use of hard-coded credentials to gain SuperUser access to the device.
Gavazziautomation Cpy Car Park Server
Gavazziautomation Uwp 3.0 Monitoring Gateway And Controller Firmware
7.6
CVSSv3
CVE-2022-3086
Cradlepoint IBR600 NCOS versions 6.5.0.160bc2e and prior are vulnerable to shell escape, which enables local attackers with non-superuser credentials to gain full, unrestricted shell access, which may allow a malicious user to execute arbitrary code.
Moxa Uc-8580-t-lx Firmware 1.1
Moxa Uc-8580-t-ct-lx Firmware 1.1
Moxa Uc-8580-t-q-lx Firmware 1.1
Moxa Uc-8580-t-ct-q-lx Firmware 1.1
Moxa Uc-8580-q-lx Firmware 1.1
Moxa Uc-8580-lx Firmware 1.1
Moxa Uc-8540-lx Firmware
Moxa Uc-8540-t-ct-lx Firmware
Moxa Uc-8540-t-lx Firmware
Moxa Uc-8410a-lx Firmware 2.2
Moxa Uc-8410a-nw-lx Firmware 2.2
Moxa Uc-8410a-nw-t-lx Firmware 2.2
Moxa Uc-8410a-t-lx Firmware 2.2
Moxa Uc-8210-t-lx-s Firmware
Moxa Uc-8220-t-lx Firmware
Moxa Uc-8220-t-lx-us-s Firmware
Moxa Uc-8220-t-lx-eu-s Firmware
Moxa Uc-8220-t-lx-ap-s Firmware
Moxa Uc-8112a-me-t-lx Firmware 1.0
Moxa Uc-8112a-me-t-lx Firmware 1.1
Moxa Uc-8131-lx Firmware 1.2
Moxa Uc-8131-lx Firmware 1.3
9.8
CVSSv3
CVE-2023-31240
Snap One OvrC Pro versions before 7.2 have their own locally running web server accessible both from the local network and remotely. OvrC cloud contains a hidden superuser account accessible through hard-coded credentials.
Snapone Orvc
NA
CVE-2024-2338
PostgreSQL Anonymizer v1.2 contains a SQL injection vulnerability that allows a user who owns a table to elevate to superuser when dynamic masking is enabled. PostgreSQL Anonymizer enables users to set security labels on tables to mask specified columns. There is a flaw that allo...
NA
CVE-2002-0755
Kerberos 5 su (k5su) in FreeBSD 4.5 and previous versions does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root.
Freebsd Freebsd 4.5
Freebsd Freebsd 4.4
9.8
CVSSv3
CVE-2019-11526
An issue exists in Softing uaGate SI 1.60.01. A maintenance script that is executable via sudo is vulnerable to file path injection. This enables a malicious user to write files with superuser privileges in specific locations.
Softing Uagate Si Firmware 1.60.01