CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-26936

The replay-sorcery program in ReplaySorcery 0.4.0 through 0.5.0, when using the default setuid-root configuration, allows a local attacker to escalate privileges to root by specifying video output paths in privileged locations.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 7.6%

CVSS Severity

CVSS v3 Score 7.8

CVSS v2 Score 7.2

References

http://www.openwall.com/lists/oss-security/2021/02/10/1
https://github.com/matanui159/ReplaySorcery/releases
http://www.openwall.com/lists/oss-security/2021/02/10/1
https://github.com/matanui159/ReplaySorcery/releases

Products affected by CVE-2021-26936

Replaysorcery Project » Replaysorcery » Version: 0.4.0

cpe:2.3:a:replaysorcery_project:replaysorcery:0.4.0
Replaysorcery Project » Replaysorcery » Version: 0.4.1

cpe:2.3:a:replaysorcery_project:replaysorcery:0.4.1
Replaysorcery Project » Replaysorcery » Version: 0.4.2

cpe:2.3:a:replaysorcery_project:replaysorcery:0.4.2
Replaysorcery Project » Replaysorcery » Version: 0.5.0

cpe:2.3:a:replaysorcery_project:replaysorcery:0.5.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-26936

Products

Pricing

Contact Us