Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
suid vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-4227
MySQL prior to 5.0.25 and 5.1 prior to 5.1.12 evaluates arguments of suid routines in the security context of the routine's definer instead of the routine's caller, which allows remote authenticated users to gain privileges through a routine that has been made available...
Oracle Mysql 5.0.0
Mysql Mysql 5.0.1
Mysql Mysql 5.0.24
Mysql Mysql 5.0.3
Mysql Mysql 5.0.4
Mysql Mysql 5.0.22.1.0.1
Oracle Mysql 5.1.10
Mysql Mysql 5.1.5
Mysql Mysql 5.0.2
Mysql Mysql 5.0.20
Oracle Mysql 5.1.6
Oracle Mysql 5.1.9
1 EDB exploit
NA
CVE-2010-2059
lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM prior to 4.4.3, does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade, which might allow local users to gain privileges by creating a hard link t...
Rpm Rpm 2.3.5
Rpm Rpm 4.4.2.1
Rpm Rpm 1.4.3
Rpm Rpm 3.0.1
Rpm Rpm 4.1
Rpm Rpm 2.2.3.11
Rpm Rpm 2.4.4
Rpm Rpm 2.3.8
Rpm Rpm 2.0.6
Rpm Rpm 1.4.4
Rpm Rpm 4.4.2
Rpm Rpm 1.4.2\\/a
Rpm Rpm 2.4.1
Rpm Rpm 2.4.9
Rpm Rpm 2.6.7
Rpm Rpm 2..4.10
Rpm Rpm 1.4
Rpm Rpm 2.0.10
Rpm Rpm 2.4.5
Rpm Rpm 4.0.1
Rpm Rpm 2.2.11
Rpm Rpm 4.0.4
9.8
CVSSv3
CVE-2022-30525
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 up to and including 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 up to and including 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 up to and including 5.21 Patch 1, US...
Zyxel Usg Flex 100w Firmware
Zyxel Usg Flex 200 Firmware
Zyxel Usg Flex 500 Firmware
Zyxel Usg Flex 700 Firmware
Zyxel Vpn100 Firmware
Zyxel Vpn1000 Firmware
Zyxel Vpn300 Firmware
Zyxel Vpn50 Firmware
Zyxel Atp100 Firmware
Zyxel Atp100w Firmware
Zyxel Atp200 Firmware
Zyxel Atp500 Firmware
Zyxel Atp700 Firmware
Zyxel Atp800 Firmware
Zyxel Usg Flex 50w Firmware
Zyxel Usg20w-vpn Firmware
1 Metasploit module
17 Github repositories
NA
CVE-2001-0169
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
Mandrakesoft Mandrake Linux Corporate Server 1.0.1
Redhat Linux 6.0
Redhat Linux 6.2
Mandrakesoft Mandrake Linux 6.1
Mandrakesoft Mandrake Linux 7.0
Redhat Linux 6.1
Turbolinux Turbolinux
Mandrakesoft Mandrake Linux 7.1
Mandrakesoft Mandrake Linux 7.2
Mandrakesoft Mandrake Linux 6.0
Trustix Secure Linux 1.1
Trustix Secure Linux 1.2
Turbolinux Turbolinux 6.1
1 EDB exploit
NA
CVE-2004-0806
cdrecord in the cdrtools package prior to 2.01, when installed setuid root, does not properly drop privileges before executing a program specified in the RSH environment variable, which allows local users to gain privileges.
Cdrtools Cdrecord 1.11
Cdrtools Cdrecord 2.0
2 EDB exploits
1 Github repository
7
CVSSv3
CVE-2016-1757
Race condition in the kernel in Apple iOS prior to 9.3 and OS X prior to 10.11.4 allows malicious users to execute arbitrary code in a privileged context via a crafted app.
Apple Mac Os X
Apple Iphone Os
2 EDB exploits
6 Github repositories
1 Article
NA
CVE-2003-0462
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
Mandrakesoft Mandrake Multi Network Firewall 8.2
Linux Linux Kernel 2.4.1
Linux Linux Kernel 2.4.10
Linux Linux Kernel 2.4.13
Linux Linux Kernel 2.4.14
Linux Linux Kernel 2.4.20
Linux Linux Kernel 2.4.21
Linux Linux Kernel 2.4.9
Mandrakesoft Mandrake Linux 8.2
Linux Linux Kernel 2.4.11
Linux Linux Kernel 2.4.12
Linux Linux Kernel 2.4.19
Linux Linux Kernel 2.4.2
Linux Linux Kernel 2.4.7
Linux Linux Kernel 2.4.8
Linux Linux Kernel 2.4.17
Linux Linux Kernel 2.4.18
Linux Linux Kernel 2.4.5
Linux Linux Kernel 2.4.6
Linux Linux Kernel 2.4.0
Linux Linux Kernel 2.4.15
Linux Linux Kernel 2.4.16
1 EDB exploit
NA
CVE-2000-0824
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as ...
Gnu Glibc 2.1.1
1 EDB exploit
7
CVSSv3
CVE-2021-3864
A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value ...
Linux Linux Kernel -
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 6.0
Redhat Enterprise Linux 9.0
2 Github repositories
7.8
CVSSv3
CVE-2012-3409
ecryptfs-utils: suid helper does not restrict mounting filesystems with nosuid,nodev which creates a possible privilege escalation
Ecryptfs Ecryptfs-utils
Debian Debian Linux 8.0
Debian Debian Linux 9.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-17519
open redirect
CVE-2024-21683
cache poisoning
CVE-2021-47524
CVE-2021-47521
CVE-2024-5229
CVE-2021-47560
local
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »