Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
rpath vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-26031
Relative library resolution in linux container-executor binary in Apache Hadoop 3.3.1-3.3.4 on Linux allows local user to gain root privileges. If the YARN cluster is accepting work from remote (authenticated) users, this MAY permit remote users to gain root privileges. Hadoop 3....
Apache Hadoop
6.1
CVSSv3
CVE-2022-27258
Multiple Cross-Site Scripting (XSS) vulnerabilities in Hubzilla 7.0.3 and previous versions allows remote malicious user to include arbitrary web script or HTML via the rpath parameter.
Hubzilla Hubzilla 7.0.3
8.8
CVSSv3
CVE-2021-28249
CA eHealth Performance Manager up to and including 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. To exploit the vulnerability, the ehealth user must create a malicious library in the writable RPATH, to be dynamically linked when the ...
Ca Ehealth Performance Manager
7.8
CVSSv3
CVE-2021-28246
CA eHealth Performance Manager up to and including 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The...
Broadcom Ehealth
7.8
CVSSv3
CVE-2020-26947
monero-wallet-gui in Monero GUI prior to 0.17.1.0 includes the . directory in an embedded RPATH (with a preference ahead of /usr/lib), which allows local users to gain privileges via a Trojan horse library in the current working directory.
Getmonero Monero
7.8
CVSSv3
CVE-2013-7172
Slackware 13.1, 13.37, 14.0 and 14.1 contain world-writable permissions on the iodbctest and iodbctestw programs within the libiodbc package, which could allow local users to use RPATH information to execute arbitrary code with root privileges.
Slackware Slackware Linux 13.37
Slackware Slackware Linux 14.1
Slackware Slackware Linux 14.0
Slackware Slackware Linux 13.1
7.8
CVSSv3
CVE-2008-3278
frysk packages through 2008-08-05 as shipped in Red Hat Enterprise Linux 5 are built with an insecure RPATH set in the ELF header of multiple binaries in /usr/bin/f* (e.g. fcore, fcatch, fstack, fstep, ...) shipped in the package. A local attacker can exploit this vulnerability b...
Redhat Frysk
7.8
CVSSv3
CVE-2019-4473
Multiple binaries in IBM SDK, Java Technology Edition 7, 7R, and 8 on the AIX platform use insecure absolute RPATHs, which may facilitate code injection and privilege elevation by local users. IBM X-Force ID: 163984.
Ibm Java 7.0.0.0
Ibm Java 8.0
Ibm Java 7.1.4.50
7.8
CVSSv3
CVE-2019-11771
AIX builds of Eclipse OpenJ9 prior to 0.15.0 contain unused RPATHs which may facilitate code injection and privilege elevation by local users.
Eclipse Openj9
9.8
CVSSv3
CVE-2018-11236
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and previous versions, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentiall...
Gnu Glibc
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Virtualization Host 4.0
Oracle Enterprise Communications Broker 3.0.0
Oracle Enterprise Communications Broker 3.1.0
Oracle Communications Session Border Controller 8.1.0
Oracle Communications Session Border Controller 8.2.0
Oracle Communications Session Border Controller 8.0.0
Netapp Data Ontap Edge -
Netapp Element Software Management -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »