Common Weakness Enumeration

CWE-272

Allowed

Least Privilege Violation

Abstraction: Base · Status: Incomplete

The elevated privilege level required to perform operations such as chroot() should be dropped immediately after the operation is performed.

54 vulnerabilities reference this CWE, most recent first.

CVE-2023-28046 (GCVE-0-2023-28046)

Vulnerability from cvelistv5 – Published: 2023-04-06 06:07 – Updated: 2025-02-10 20:23
VLAI
Summary
Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder deletion vulnerability during uninstallation A local low privilege attacker could potentially exploit this vulnerability, leading to the deletion of arbitrary files on the operating system with high privileges.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-272 - Least Privilege Violation
Assigner
References
Impacted products
Vendor Product Version
Dell Dell Display Manager Affected: 2.1.0 and prior
Create a notification for this product.
Date Public
2023-04-04 06:30
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T12:30:22.686Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.dell.com/support/kbdoc/en-us/000211727/dsa-2023"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-28046",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T20:23:17.529642Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-10T20:23:20.926Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Dell Display Manager",
          "vendor": "Dell",
          "versions": [
            {
              "status": "affected",
              "version": "2.1.0 and prior"
            }
          ]
        }
      ],
      "datePublic": "2023-04-04T06:30:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eDell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder deletion vulnerability during uninstallation A local low privilege attacker could potentially exploit this vulnerability, leading to the deletion of arbitrary files on the operating system with high privileges.\u003c/span\u003e\n\n"
            }
          ],
          "value": "\nDell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder deletion vulnerability during uninstallation A local low privilege attacker could potentially exploit this vulnerability, leading to the deletion of arbitrary files on the operating system with high privileges.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-272",
              "description": "CWE-272: Least Privilege Violation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-04-06T06:07:35.341Z",
        "orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
        "shortName": "dell"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.dell.com/support/kbdoc/en-us/000211727/dsa-2023"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
    "assignerShortName": "dell",
    "cveId": "CVE-2023-28046",
    "datePublished": "2023-04-06T06:07:35.341Z",
    "dateReserved": "2023-03-10T05:01:43.869Z",
    "dateUpdated": "2025-02-10T20:23:20.926Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-26726 (GCVE-0-2021-26726)

Vulnerability from cvelistv5 – Published: 2022-02-16 15:15 – Updated: 2024-09-17 00:36
VLAI
Title
Remote code execution in Valmet DNA before Collection 2021
Summary
A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021.
CWE
  • CWE-305 - Authentication Bypass by Primary Weakness
  • CWE-209 - Information Exposure Through an Error Message
  • CWE-272 - Least Privilege Violation
  • CWE-78 - OS Command Injection
Assigner
References
Impacted products
Vendor Product Version
Valmet DNA Valmet DNA Affected: Collection 2012 , < Collection 2021 (custom)
Create a notification for this product.
Date Public
2022-02-15 00:00
Credits
This bug was found by Ivan Speziale of Nozomi Networks
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T20:33:41.017Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26726/"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.valmet.com/about-us/research-and-development/vulnerabilityadvisories/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Valmet DNA",
          "vendor": "Valmet DNA",
          "versions": [
            {
              "lessThan": "Collection 2021",
              "status": "affected",
              "version": "Collection 2012",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This bug was found by Ivan Speziale of Nozomi Networks"
        }
      ],
      "datePublic": "2022-02-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-305",
              "description": "CWE-305 Authentication Bypass by Primary Weakness",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-209",
              "description": "CWE-209 Information Exposure Through an Error Message",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-272",
              "description": "CWE-272 Least Privilege Violation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "CWE-78 OS Command Injection",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-02-16T15:15:12.000Z",
        "orgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
        "shortName": "Nozomi"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26726/"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.valmet.com/about-us/research-and-development/vulnerabilityadvisories/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "value": "Upgrade to Valmet DNA version Collection 2021"
        }
      ],
      "source": {
        "advisory": "https://security.nozominetworks.com/NN-2021:2-01",
        "defect": [
          "NN_2021-0021"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Remote code execution in Valmet DNA before Collection 2021",
      "workarounds": [
        {
          "lang": "en",
          "value": "Use Valmet DNA Firewall feature to limit access to TCP port 1517"
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.0.9"
      },
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "prodsec@nozominetworks.com",
          "DATE_PUBLIC": "2022-02-15T23:00:00.000Z",
          "ID": "CVE-2021-26726",
          "STATE": "PUBLIC",
          "TITLE": "Remote code execution in Valmet DNA before Collection 2021"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Valmet DNA",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_name": "Collection 2012",
                            "version_value": "Collection 2021"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Valmet DNA"
              }
            ]
          }
        },
        "credit": [
          {
            "lang": "eng",
            "value": "This bug was found by Ivan Speziale of Nozomi Networks"
          }
        ],
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "A remote code execution vulnerability affecting a Valmet DNA service listening on TCP port 1517, allows an attacker to execute commands with SYSTEM privileges This issue affects: Valmet DNA versions from Collection 2012 until Collection 2021."
            }
          ]
        },
        "generator": {
          "engine": "Vulnogram 0.0.9"
        },
        "impact": {
          "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-305 Authentication Bypass by Primary Weakness"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-209 Information Exposure Through an Error Message"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-272 Least Privilege Violation"
                }
              ]
            },
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-78 OS Command Injection"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26726/",
              "refsource": "CONFIRM",
              "url": "https://www.nozominetworks.com/labs/vulnerability-advisories/cve-2021-26726/"
            },
            {
              "name": "https://www.valmet.com/about-us/research-and-development/vulnerabilityadvisories/",
              "refsource": "MISC",
              "url": "https://www.valmet.com/about-us/research-and-development/vulnerabilityadvisories/"
            }
          ]
        },
        "solution": [
          {
            "lang": "en",
            "value": "Upgrade to Valmet DNA version Collection 2021"
          }
        ],
        "source": {
          "advisory": "https://security.nozominetworks.com/NN-2021:2-01",
          "defect": [
            "NN_2021-0021"
          ],
          "discovery": "EXTERNAL"
        },
        "work_around": [
          {
            "lang": "en",
            "value": "Use Valmet DNA Firewall feature to limit access to TCP port 1517"
          }
        ]
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "bec8025f-a851-46e5-b3a3-058e6b0aa23c",
    "assignerShortName": "Nozomi",
    "cveId": "CVE-2021-26726",
    "datePublished": "2022-02-16T15:15:12.708Z",
    "dateReserved": "2021-02-05T00:00:00.000Z",
    "dateUpdated": "2024-09-17T00:36:09.622Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

GHSA-29RW-JX9G-7H6H

Vulnerability from github – Published: 2023-04-20 09:30 – Updated: 2024-04-04 03:36
VLAI
Details

Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder creation vulnerability during installation. A local low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code on the operating system with high privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-28047"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-272"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-20T07:15:07Z",
    "severity": "HIGH"
  },
  "details": "\nDell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder creation vulnerability during installation. A local low privilege attacker could potentially exploit this vulnerability, leading to the execution of arbitrary code on the operating system with high privileges.\n\n",
  "id": "GHSA-29rw-jx9g-7h6h",
  "modified": "2024-04-04T03:36:35Z",
  "published": "2023-04-20T09:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28047"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-uk/000211727/dsa-2023"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-2RFR-R5FG-2857

Vulnerability from github – Published: 2025-05-16 03:30 – Updated: 2025-05-16 03:30
VLAI
Details

Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). For exploitation, there must have been an unprivileged installation with UAC, and the CodeMeter Control Center component must be installed, and the CodeMeter Control Center component must not have been restarted. In this scenario, the local user can navigate from Import License to a privileged instance of Windows Explorer.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-47809"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-272"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-05-16T01:15:51Z",
    "severity": "HIGH"
  },
  "details": "Wibu CodeMeter before 8.30a sometimes allows privilege escalation immediately after installation (before a logoff or reboot). For exploitation, there must have been an unprivileged installation with UAC, and the CodeMeter Control Center component must be installed, and the CodeMeter Control Center component must not have been restarted. In this scenario, the local user can navigate from Import License to a privileged instance of Windows Explorer.",
  "id": "GHSA-2rfr-r5fg-2857",
  "modified": "2025-05-16T03:30:33Z",
  "published": "2025-05-16T03:30:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-47809"
    },
    {
      "type": "WEB",
      "url": "https://www.wibu.com/support/security-advisories/wibu-100120.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-5PGQ-563R-5Q77

Vulnerability from github – Published: 2023-04-06 09:31 – Updated: 2023-04-12 21:30
VLAI
Details

Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder deletion vulnerability during uninstallation A local low privilege attacker could potentially exploit this vulnerability, leading to the deletion of arbitrary files on the operating system with high privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-28046"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-272"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-04-06T07:15:00Z",
    "severity": "HIGH"
  },
  "details": "Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder deletion vulnerability during uninstallation A local low privilege attacker could potentially exploit this vulnerability, leading to the deletion of arbitrary files on the operating system with high privileges.",
  "id": "GHSA-5pgq-563r-5q77",
  "modified": "2023-04-12T21:30:21Z",
  "published": "2023-04-06T09:31:03Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28046"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000211727/dsa-2023"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8Q44-9G8Q-JMQV

Vulnerability from github – Published: 2024-03-22 12:30 – Updated: 2024-03-22 12:30
VLAI
Details

Least privilege violation in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and mk_oracle_crs before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-0638"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-272"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-22T11:15:46Z",
    "severity": "HIGH"
  },
  "details": "Least privilege violation in the Checkmk agent plugins mk_oracle, mk_oracle.ps1, and mk_oracle_crs before Checkmk 2.3.0b4 (beta), 2.2.0p24, 2.1.0p41 and 2.0.0 (EOL) allows local users to escalate privileges.",
  "id": "GHSA-8q44-9g8q-jmqv",
  "modified": "2024-03-22T12:30:45Z",
  "published": "2024-03-22T12:30:45Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0638"
    },
    {
      "type": "WEB",
      "url": "https://checkmk.com/werk/16232"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9242-G69W-GF26

Vulnerability from github – Published: 2024-06-14 06:34 – Updated: 2024-07-04 06:35
VLAI
Details

Toshiba printers contain a suidperl binary and it has a Local Privilege Escalation vulnerability. A local attacker can get root privileges. As for the affected products/models/versions, see the reference URL.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-27165"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-272"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-06-14T04:15:33Z",
    "severity": "HIGH"
  },
  "details": "Toshiba printers contain a suidperl binary and it has a Local Privilege Escalation vulnerability. A local attacker can get root privileges. As for the affected products/models/versions, see the reference URL.",
  "id": "GHSA-9242-g69w-gf26",
  "modified": "2024-07-04T06:35:04Z",
  "published": "2024-06-14T06:34:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-27165"
    },
    {
      "type": "WEB",
      "url": "https://jvn.jp/en/vu/JVNVU97136265/index.html"
    },
    {
      "type": "WEB",
      "url": "https://www.toshibatec.com/information/20240531_01.html"
    },
    {
      "type": "WEB",
      "url": "https://www.toshibatec.com/information/pdf/information20240531_01.pdf"
    },
    {
      "type": "WEB",
      "url": "http://seclists.org/fulldisclosure/2024/Jul/1"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-92MG-7Q42-FFQV

Vulnerability from github – Published: 2025-12-16 18:31 – Updated: 2025-12-16 18:31
VLAI
Details

In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installation token

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-68267"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-272"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-12-16T16:16:06Z",
    "severity": "MODERATE"
  },
  "details": "In JetBrains TeamCity before 2025.11.1 excessive privileges were possible due to storing GitHub personal access token instead of an installation token",
  "id": "GHSA-92mg-7q42-ffqv",
  "modified": "2025-12-16T18:31:32Z",
  "published": "2025-12-16T18:31:32Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-68267"
    },
    {
      "type": "WEB",
      "url": "https://www.jetbrains.com/privacy-security/issues-fixed"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-9FC8-V7VW-438W

Vulnerability from github – Published: 2024-02-06 09:31 – Updated: 2024-02-06 09:31
VLAI
Details

Dell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-32451"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-269",
      "CWE-272"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-02-06T08:15:48Z",
    "severity": "HIGH"
  },
  "details": "\nDell Display Manager application, version 2.1.1.17, contains a vulnerability that low privilege user can execute malicious code during installation and uninstallation\n\n",
  "id": "GHSA-9fc8-v7vw-438w",
  "modified": "2024-02-06T09:31:38Z",
  "published": "2024-02-06T09:31:38Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-32451"
    },
    {
      "type": "WEB",
      "url": "https://www.dell.com/support/kbdoc/en-us/000215216/dsa-2023-182-dell"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-G5FC-F834-RCR2

Vulnerability from github – Published: 2026-04-03 03:31 – Updated: 2026-07-10 12:31
VLAI
Details

In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-35535"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-271",
      "CWE-272"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-04-03T03:16:18Z",
    "severity": "HIGH"
  },
  "details": "In Sudo through 1.9.17p2 before 3e474c2, a failure of a setuid, setgid, or setgroups call, during a privilege drop before running the mailer, is not a fatal error and can lead to privilege escalation.",
  "id": "GHSA-g5fc-f834-rcr2",
  "modified": "2026-07-10T12:31:27Z",
  "published": "2026-04-03T03:31:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-35535"
    },
    {
      "type": "WEB",
      "url": "https://github.com/sudo-project/sudo/commit/3e474c2f201484be83d994ae10a4e20e8c81bb69"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:21656"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:21690"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:21695"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:23233"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:28887"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:30088"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:34098"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2026-35535"
    },
    {
      "type": "WEB",
      "url": "https://bugs.debian.org/1130593"
    },
    {
      "type": "WEB",
      "url": "https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/2143042"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2454714"
    },
    {
      "type": "WEB",
      "url": "https://cert-portal.siemens.com/productcert/html/ssa-253495.html"
    },
    {
      "type": "WEB",
      "url": "https://lists.debian.org/debian-lts-announce/2026/06/msg00003.html"
    },
    {
      "type": "WEB",
      "url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-35535.json"
    },
    {
      "type": "WEB",
      "url": "https://www.qualys.com/2026/03/10/crack-armor.txt"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:10758"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:11521"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:12310"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:13731"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:13888"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:13889"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:13891"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:13892"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:13895"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:13896"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:14228"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:14437"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19067"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:19220"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:20040"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:20087"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2026:21275"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-1
Architecture and Design Operation

Very carefully manage the setting, management, and handling of privileges. Explicitly manage trust zones in the software.

Mitigation MIT-48
Architecture and Design

Strategy: Separation of Privilege

Follow the principle of least privilege when assigning access rights to entities in a software system.

Mitigation MIT-46
Architecture and Design

Strategy: Separation of Privilege

  • Compartmentalize the system to have "safe" areas where trust boundaries can be unambiguously drawn. Do not allow sensitive data to go outside of the trust boundary and always be careful when interfacing with a compartment outside of the safe area.
  • Ensure that appropriate compartmentalization is built into the system design, and the compartmentalization allows for and reinforces privilege separation functionality. Architects and designers should rely on the principle of least privilege to decide the appropriate time to use privileges and the time to drop privileges.
CAPEC-17: Using Malicious Files

An attack of this type exploits a system's configuration that allows an adversary to either directly access an executable file, for example through shell access; or in a possible worst case allows an adversary to upload a file and then execute it. Web servers, ftp servers, and message oriented middleware systems which have many integration points are particularly vulnerable, because both the programmers and the administrators must be in synch regarding the interfaces and the correct privileges for each interface.

CAPEC-35: Leverage Executable Code in Non-Executable Files

An attack of this type exploits a system's trust in configuration and resource files. When the executable loads the resource (such as an image file or configuration file) the attacker has modified the file to either execute malicious code directly or manipulate the target process (e.g. application server) to execute based on the malicious configuration parameters. Since systems are increasingly interrelated mashing up resources from local and remote sources the possibility of this attack occurring is high.

CAPEC-76: Manipulating Web Input to File System Calls

An attacker manipulates inputs to the target software which the target software passes to file system calls in the OS. The goal is to gain access to, and perhaps modify, areas of the file system that the target software did not intend to be accessible.