Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
superuser vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2019-6961
Incorrect access control in actionHandlerUtility.php in the RDK RDKB-20181217-1 WebUI module allows a logged in user to control DDNS, QoS, RIP, and other privileged configurations (intended only for the network operator) by sending an HTTP POST to the PHP backend, because the pag...
Rdkcentral Rdkb Ccsppandm Rdkb-20181217-1
NA
CVE-2007-3724
The process scheduler in the Microsoft Windows XP kernel does not make use of the process statistics kept by the kernel, performs scheduling based on CPU billing gathered from periodic process sampling ticks, and gives preference to "interactive" processes that perform ...
Microsoft Windows Xp
8.8
CVSSv3
CVE-2017-7220
OpenText Documentum Content Server allows superuser access via sys_obj_save or save of a crafted object, followed by an unauthorized "UPDATE dm_dbo.dm_user_s SET user_privileges=16" command, aka an "RPC save-commands" attack. NOTE: this vulnerability exists be...
Opentext Documentum Content Server -
4.8
CVSSv3
CVE-2004-1865
Cross-site scripting (XSS) vulnerability in the administration panel in bBlog 0.7.2 allows remote authenticated users with superuser privileges to inject arbitrary web script or HTML via a blog name ($blogname). NOTE: if administrators are normally allowed to add HTML by other me...
Bblog Bblog 0.7.2
8.8
CVSSv3
CVE-2023-25149
TimescaleDB, an open-source time-series SQL database, has a privilege escalation vulnerability in versions 2.8.0 up to and including 2.9.2. During installation, TimescaleDB creates a telemetry job that is runs as the installation user. The queries run as part of the telemetry dat...
Timescale Timescaledb
NA
CVE-2023-3939
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in ZkTeco-based OEM devices allows OS Command Injection. Since all the found command implementations are executed from the superuser, their impact is the maximum pos...
NA
CVE-2000-0993
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd.
Freebsd Freebsd 3.4
Freebsd Freebsd 3.5
Openbsd Openbsd 2.5
Openbsd Openbsd 2.6
Freebsd Freebsd 4.0
Netbsd Netbsd 1.4
Openbsd Openbsd 2.7
Netbsd Netbsd 1.4.1
Netbsd Netbsd 1.4.2
Freebsd Freebsd 3.2
Freebsd Freebsd 3.3
Openbsd Openbsd 2.3
Openbsd Openbsd 2.4
1 EDB exploit
8.8
CVSSv3
CVE-2023-41118
An issue exists in EnterpriseDB Postgres Advanced Server (EPAS) prior to 11.21.32, 12.x prior to 12.16.20, 13.x prior to 13.12.16, 14.x prior to 14.9.0, and 15.x prior to 15.4.0. It may allow an authenticated user to bypass authorization requirements and access underlying impleme...
Enterprisedb Postgres Advanced Server
NA
CVE-2010-0668
Unspecified vulnerability in MoinMoin 1.5.x up to and including 1.7.x, 1.8.x prior to 1.8.7, and 1.9.x prior to 1.9.2 has unknown impact and attack vectors, related to configurations that have a non-empty superuser list, the xmlrpc action enabled, the SyncPages action enabled, or...
Moinmo Moinmoin 1.8.1
Moinmo Moinmoin 1.8.2
Moinmo Moinmoin 1.5.0
Moinmo Moinmoin 1.5.3
Moinmo Moinmoin 1.6.0
Moinmo Moinmoin 1.7.0
Moinmo Moinmoin 1.7.2
Moinmo Moinmoin 1.7.3
Moinmo Moinmoin 1.8.3
Moinmo Moinmoin 1.8.4
Moinmo Moinmoin 1.5.4
Moinmo Moinmoin 1.5.5
Moinmo Moinmoin 1.8.6
Moinmo Moinmoin 1.5.1
Moinmo Moinmoin 1.5.5a
Moinmo Moinmoin 1.5.6
Moinmo Moinmoin 1.6.1
Moinmo Moinmoin 1.6.2
Moinmo Moinmoin 1.9.0
Moinmo Moinmoin 1.9.1
Moinmo Moinmoin 1.8.0
Moinmo Moinmoin 1.5.2
NA
CVE-2001-0668
Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 up to and including 11.11 allows remote malicious users to execute arbitrary commands.
Hp Hp-ux 10.01
Hp Hp-ux 10.10
Hp Hp-ux 10.20
Hp Hp-ux 11.00
Hp Hp-ux 11.11
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »