superuser vulnerabilities and exploits
NA
CVE-2007-3719
The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Pri...
Linux Linux Kernel 2.6.16
NA
CVE-2007-3721
The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Priv...
Freebsd Freebsd
8.8
CVSSv3
CVE-2023-30625
rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server before 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution (RCE) due to the `rudder` role in PostgreSQL having superuser permissions ...
Rudderstack Rudder-server
8.8
CVSSv3
CVE-2023-32305
aiven-extras is a PostgreSQL extension. Versions before 1.1.9 contain a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages missing schema qualifiers on privileged functions...
Aiven Aiven
8.8
CVSSv3
CVE-2022-25806
An issue exists in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES key in the PrefDBCredentials class allows an attacker, who has discovered encrypted superuser credentials, to decrypt those credentials using a static 8-byte DES key.
Igel Universal Management Suite 6.07.100
NA
CVE-2014-4811
IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x prior to 7.2.0.8 allow remote malicious users to reset the administrator superuser password to its default value via a direct request to the administrative IP address.
Ibm San Volume Controller Software 6.1.0.5
Ibm San Volume Controller Software 6.1.0.6
Ibm San Volume Controller Software 6.2.0.3
Ibm San Volume Controller Software 6.1.0.10
Ibm San Volume Controller Software 6.1.0.2
Ibm San Volume Controller Software 6.1.0.9
Ibm San Volume Controller Software 6.2.0.0
Ibm San Volume Controller Software 6.3.0.1
Ibm San Volume Controller Software 6.3.0.2
Ibm San Volume Controller Software 6.4.0.1
Ibm San Volume Controller Software 6.4.0.2
Ibm San Volume Controller Software 6.4.1.5
Ibm San Volume Controller Software 6.4.1.6
Ibm San Volume Controller Software 7.1.0.6
Ibm San Volume Controller Software 7.1.0.7
Ibm San Volume Controller Software 7.2.0.6
Ibm San Volume Controller Software 7.2.0.7
Ibm San Volume Controller Software 6.1.0.3
Ibm San Volume Controller Software 6.1.0.4
Ibm San Volume Controller Software 6.2.0.1
Ibm San Volume Controller Software 6.2.0.2
Ibm San Volume Controller Software 6.3.0.3
6.5
CVSSv3
CVE-2022-26392
The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32) when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information.
Baxter Spectrum Wireless Battery Module Firmware 16
Baxter Spectrum Wireless Battery Module Firmware 16d38
Baxter Spectrum Wireless Battery Module Firmware 17
Baxter Spectrum Wireless Battery Module Firmware 17d19
Baxter Spectrum Wireless Battery Module Firmware
Baxter Sigma Spectrum 35700bax Firmware -
Baxter Sigma Spectrum 35700bax2 Firmware -
Baxter Baxter Spectrum Iq 35700bax3 Firmware -
NA
CVE-2015-0518
The Properties service in the D2FS web-service component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 prior to 4.1 P22, and 4.2 before P11 allows remote authenticated users to obtain superuser privileges via an unspecified method call that modifies group permissions.
Emc Documentum D2 3.1
Emc Documentum D2 4.0
Emc Documentum D2 4.1
Emc Documentum D2 4.2
NA
CVE-2008-2053
Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x prior to 4.0(2)_ES14, 4.1.x prior to 4.1(1)_ES11, and 7.x prior to 7.0(1) allows remote authenticated users with administrator role privileges to create, modify, or delete a superuser account.
Cisco Unified Customer Voice Portal 4.0
Cisco Unified Customer Voice Portal 4.1
Cisco Unified Customer Voice Portal 7.0
NA
CVE-2006-3784
Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a l...
Symantec Pcanywhere 12.5