← Back

Man Db

man-db

Vendor: Man Db Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2018-25078
1Man Db Project
1Man Db
Apr 2, 2025
Jan 26, 2023
N/A· v4
7.8 HIGH· v3
N/A· v2
man-db before 2.8.5 on Gentoo allows local users (with access to the man user account) to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. (Also, the owner can strip the setuid and s...Show more
man-db before 2.8.5 on Gentoo allows local users (with access to the man user account) to gain root privileges because /usr/bin/mandb is executed by root but not owned by root. (Also, the owner can strip the setuid and setgid bits.)Show less
CVE-2015-1336
1Man Db Project
1Man Db
May 13, 2026
Sep 28, 2017
N/A· v4
7.8 HIGH· v3
7.2 HIGH· v2
The daily mandb cleanup job in Man-db before 2.7.6.1-1 as packaged in Ubuntu and Debian allows local users with access to the man account to gain privileges via vectors involving insecure chown use.