CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36983
https://notcve.org/view.php?id=CVE-2021-36983
28 Jul 2021 — replay-sorcery-kms in Replay Sorcery 0.6.0 allows a local attacker to gain root privileges via a symlink attack on /tmp/replay-sorcery or /tmp/replay-sorcery/device.sock. replay-sorcery-kms en Replay Sorcery versión 0.6.0, permite a un atacante local alcanzar privilegios de root por medio de un ataque symlink en los archivos /tmp/replay-sorcery o /tmp/replay-sorcery/device.sock • http://www.openwall.com/lists/oss-security/2021/07/27/1 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-26936
https://notcve.org/view.php?id=CVE-2021-26936
10 Feb 2021 — The replay-sorcery program in ReplaySorcery 0.4.0 through 0.5.0, when using the default setuid-root configuration, allows a local attacker to escalate privileges to root by specifying video output paths in privileged locations. El programa replay-sorcery en ReplaySorcery versiones 0.4.0 hasta 0.5.0, cuando se usa la configuración setuid-root predeterminada, permite a un atacante local escalar privilegios a root al especificar rutas de salida de video en ubicaciones privilegiadas • http://www.openwall.com/lists/oss-security/2021/02/10/1 • CWE-269: Improper Privilege Management •