Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
superuser vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2007-3721
The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Priv...
Freebsd Freebsd
187
VMScore
CVE-2007-3719
The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Pri...
Linux Linux Kernel 2.6.16
668
VMScore
CVE-2014-4811
IBM Storwize 3500, 3700, 5000, and 7000 devices and SAN Volume Controller 6.x and 7.x prior to 7.2.0.8 allow remote malicious users to reset the administrator superuser password to its default value via a direct request to the administrative IP address.
Ibm San Volume Controller Software 6.1.0.5
Ibm San Volume Controller Software 6.1.0.6
Ibm San Volume Controller Software 6.2.0.3
Ibm San Volume Controller Software 6.1.0.10
Ibm San Volume Controller Software 6.1.0.2
Ibm San Volume Controller Software 6.1.0.9
Ibm San Volume Controller Software 6.2.0.0
Ibm San Volume Controller Software 6.3.0.1
Ibm San Volume Controller Software 6.3.0.2
Ibm San Volume Controller Software 6.4.0.1
Ibm San Volume Controller Software 6.4.0.2
Ibm San Volume Controller Software 6.4.1.5
Ibm San Volume Controller Software 6.4.1.6
Ibm San Volume Controller Software 7.1.0.6
Ibm San Volume Controller Software 7.1.0.7
Ibm San Volume Controller Software 7.2.0.6
Ibm San Volume Controller Software 7.2.0.7
Ibm San Volume Controller Software 6.1.0.3
Ibm San Volume Controller Software 6.1.0.4
Ibm San Volume Controller Software 6.2.0.1
Ibm San Volume Controller Software 6.2.0.2
Ibm San Volume Controller Software 6.3.0.3
578
VMScore
CVE-2022-25806
An issue exists in the IGEL Universal Management Suite (UMS) 6.07.100. A hardcoded DES key in the PrefDBCredentials class allows an attacker, who has discovered encrypted superuser credentials, to decrypt those credentials using a static 8-byte DES key.
Igel Universal Management Suite 6.07.100
NA
CVE-2023-32305
aiven-extras is a PostgreSQL extension. Versions before 1.1.9 contain a privilege escalation vulnerability, allowing elevation to superuser inside PostgreSQL databases that use the aiven-extras package. The vulnerability leverages missing schema qualifiers on privileged functions...
Aiven Aiven
NA
CVE-2023-30625
rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server before 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution (RCE) due to the `rudder` role in PostgresSQL having superuser permissions ...
Rudderstack Rudder-server
801
VMScore
CVE-2015-0518
The Properties service in the D2FS web-service component in EMC Documentum D2 3.1 through SP1, 4.0 and 4.1 prior to 4.1 P22, and 4.2 before P11 allows remote authenticated users to obtain superuser privileges via an unspecified method call that modifies group permissions.
Emc Documentum D2 3.1
Emc Documentum D2 4.0
Emc Documentum D2 4.1
Emc Documentum D2 4.2
801
VMScore
CVE-2008-2053
Unspecified vulnerability in Cisco Unified Customer Voice Portal (CVP) 4.0.x prior to 4.0(2)_ES14, 4.1.x prior to 4.1(1)_ES11, and 7.x prior to 7.0(1) allows remote authenticated users with administrator role privileges to create, modify, or delete a superuser account.
Cisco Unified Customer Voice Portal 4.0
Cisco Unified Customer Voice Portal 4.1
Cisco Unified Customer Voice Portal 7.0
NA
CVE-2022-26392
The Baxter Spectrum WBM (v16, v16D38) and Baxter Spectrum WBM (v17, v17D19, v20D29 to v20D32) when in superuser mode is susceptible to format string attacks via application messaging. An attacker could use this to read memory in the WBM to access sensitive information.
Baxter Spectrum Wireless Battery Module Firmware 16
Baxter Spectrum Wireless Battery Module Firmware 16d38
Baxter Spectrum Wireless Battery Module Firmware 17
Baxter Spectrum Wireless Battery Module Firmware 17d19
Baxter Spectrum Wireless Battery Module Firmware
Baxter Sigma Spectrum 35700bax Firmware -
Baxter Sigma Spectrum 35700bax2 Firmware -
Baxter Baxter Spectrum Iq 35700bax3 Firmware -
641
VMScore
CVE-2006-3784
Symantec pcAnywhere 12.5 uses weak default permissions for the "Symantec\pcAnywhere\Hosts" folder, which allows local users to gain privileges by inserting a superuser .cif (aka caller or CallerID) file into the folder, and then using a pcAnywhere client to login as a l...
Symantec Pcanywhere 12.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »