Vulnerabilities > MAN DB Project

DATE CVE VULNERABILITY TITLE RISK
2023-01-26 CVE-2018-25078 Unspecified vulnerability in Man-Db Project Man-Db
man-db before 2.8.5 on Gentoo allows local users (with access to the man user account) to gain root privileges because /usr/bin/mandb is executed by root but not owned by root.
local
low complexity
man-db-project
7.8
2017-09-28 CVE-2015-1336 Improper Access Control vulnerability in Man-Db Project Man-Db
The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.
local
low complexity
man-db-project canonical debian CWE-284
7.2