SUSE-SU-2026:1063-1 Security update for frr

This update for frr fixes the following issues: Security issues: - CVE-2025-61099: NULL Pointer Dereference in FRRouting bsc1252838. - CVE-2025-61100: NULL Pointer Dereference in FRRouting bsc1252829. - CVE-2025-61101: NULL Pointer Dereference in FRRouting bsc1252833. - CVE-2025-61102: NULL Point...

Relative Path Traversal

Overview Affected versions of this package are vulnerable to Relative Path Traversal in the untar process. An attacker can execute arbitrary code with elevated privileges by crafting a malicious archive containing symbolic links that overwrite critical files such as /var/run/argo/argoexec, which...

EUVD-2012-4409

Malware in sbrugna...

NewStart CGSL MAIN 6.06 : initscripts Vulnerability (NS-SA-2025-0229)

The remote NewStart CGSL host, running version MAIN 6.06, has initscripts packages installed that are affected by a vulnerability: - rc.sysinit in initscripts before 8.76.3-1 on Fedora 9 and other Linux platforms allows local users to delete arbitrary files via a symlink attack on a file or...

Linux Distros Unpatched Vulnerability : CVE-2017-18226

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary...

SUSE CVE-2011-1784

The pidfilewrite function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the 1 keepalived.pid, 2 checkers.pid, and 3 vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files...

CVE-2022-22215

A Missing Release of File Descriptor or Handle after Effective Lifetime vulnerability in plugable authentication module PAM of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause a Denial of Service DoS. It is possible that after the...

CVE-2012-4480

mom creates world-writable pid files in /var/run...

Code injection

mom creates world-writable pid files in /var/run...

CVE-2012-4480

CVE-2012-4480 affects the mom tool, where it creates world-writable PID files in /var/run. This local issue could let an attacker influence PID handling and terminate other processes, as indicated by CNVD/Fedora advisories and the NVD entry. The vulnerability is tied to local access and uncertain...

CVE-2012-4480

mom creates world-writable pid files in /var/run...

DEBIAN-CVE-2017-18226

The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM cat...

CVE-2017-18226

The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM cat...

RHEL 7 : sos (RHSA-2016:0188)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2016:0188 advisory. The sos package contains a set of utilities that gather information from system hardware, logs, and configuration files. The information can then be...

sos security and bug fix update

3.2-35.0.1.3 - Recreated patch for orabug 18913115 - Make the selinux plugin fixfiles option useful John Haxby orabug 18913115 - Added removegpgstring.patch Bug 18313898 - Added sos-oracle-enterprise.patch - Added sos-oraclelinux-vendor-vendorurl.patch = 3.2-37 - sosreport prepare report in a...

openSUSE Security Update : inn (openSUSE-SU-2012:1171-1)

fix starttls command injection issue CVE-2012-3523, bnc776967 - handle /var/run on tmpfs. bnc778439 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2012-600. The text description of...

Fedora 17 : tor-0.2.3.25-1702.fc17 (2013-3773)

Significant package cleanup, including : - remove dependency on fedora-usermgmt - merge tor-core, tor-systemd and torify into previously empty tor package - remove unnecessary /var/run/tor - disallow group read for /var/log/tor - use --defaults-torrc as recommended by upstream - increase...

Fedora 15 : polipo-1.0.4.1-6.fc15 (2012-0849)

add daily cache cleanup - fix missing creation of /var/run directory bz 755198 - make sure log directory context is set correctly bz 741779 - fix denial of service vulnerability CVE-2011-3596 bz 742897 Note that Tenable Network Security has extracted the preceding description block directly from...

CVE-2011-1784

The pidfilewrite function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the 1 keepalived.pid, 2 checkers.pid, and 3 vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files...

Code injection

The pidfilewrite function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the 1 keepalived.pid, 2 checkers.pid, and 3 vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files...