Siemens Tecnomatix Plant Simulation Out-of-Bounds Write Vulnerability (CNVD-2023-15416)

Siemens Tecnomatix Plant Simulation is an object-oriented, graphical, integrated modeling and simulation tool. An out-of-bounds write vulnerability exists in Siemens Tecnomatix Plant Simulation. An attacker can exploit this vulnerability to execute code in the context of the current process...

Slackware: Security Advisory (SSA:2023-047-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Adobe Bridge Stack Buffer Overflow Vulnerability (CNVD-2023-13735)

Adobe Bridge is a file viewer from Adobe. Adobe Bridge is vulnerable to a stack buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...

[slackware-security] mozilla-thunderbird

New mozilla-thunderbird packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/mozilla-thunderbird-102.8.0-i686-1slack15.0.txz: Upgraded. This release contains security fixes and improvements. For mor...

SUSE CVE-2006-1296

Untrusted search path vulnerability in Beagle 0.2.2.1 might allow local users to gain privileges via a malicious beagle-info program in the current working directory, or possibly directories specified in the PATH...

SUSE CVE-2006-1542

Stack-based buffer overflow in Python 2.4.2 and earlier, running on Linux 2.6.12.5 under gcc 4.0.3 with libc 2.3.5, allows local users to cause a "stack overflow," and possibly gain privileges, by running a script from a current working directory that has a long name, related to the realpath...

SUSE CVE-2006-7234

Untrusted search path vulnerability in Lynx before 2.8.6rel.4 allows local users to execute arbitrary code via malicious 1 .mailcap and 2 mime.types files in the current working directory...

SUSE CVE-2007-6167

Untrusted search path vulnerability in yast2-core in SUSE Linux might allow local users to execute arbitrary code by creating a malicious yast2 module in the current working directory...

SUSE CVE-2008-4863

Untrusted search path vulnerability in BPYinterface in Blender 2.46 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to an erroneous setting of sys.path by the PySysSetArgv function...

SUSE CVE-2008-4865

Untrusted search path vulnerability in valgrind before 3.4.0 allows local users to execute arbitrary programs via a Trojan horse .valgrindrc file in the current working directory, as demonstrated using a malicious --db-command options. NOTE: the severity of this issue has been disputed, but CVE i...

SUSE CVE-2008-5843

Multiple untrusted search path vulnerabilities in pdfjam allow local users to gain privileges via a Trojan horse program in 1 the current working directory or 2 /var/tmp, related to the a pdf90, b pdfjoin, and c pdfnup scripts...

SUSE CVE-2008-5983

Untrusted search path vulnerability in the PySysSetArgv API function in Python 2.6 and earlier, and possibly later versions, prepends an empty string to sys.path when the argv0 argument does not contain a path separator, which might allow local users to execute arbitrary code via a Trojan horse...

SUSE CVE-2009-0314

Untrusted search path vulnerability in the Python module in gedit allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...

SUSE CVE-2009-0315

Untrusted search path vulnerability in the Python module in xchat allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...

SUSE CVE-2009-0317

Untrusted search path vulnerability in the Python language bindings for Nautilus nautilus-python allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983...

SUSE CVE-2009-0316

Untrusted search path vulnerability in src/ifpython.c in the Python interface in Vim before 7.2.045 allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySysSetArgv function CVE-2008-5983, as demonstrated ...

SUSE CVE-2009-0698

Integer overflow in the 4xm demuxer demuxers/demux4xm.c in xine-lib 1.1.16.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a 4X movie file with a large currenttrack value, a similar issue to CVE-2009-0385...

SUSE CVE-2009-3736

ltdl.c in libltdl in GNU Libtool 1.5.x, and 2.2.6 before 2.2.6b, as used in Ham Radio Control Libraries, Q, and possibly other products, attempts to open a .la file in the current working directory, which allows local users to gain privileges via a Trojan horse file...

SUSE CVE-2009-3894

Multiple untrusted search path vulnerabilities in dstat before 0.7.0 allow local users to gain privileges via a Trojan horse Python module in 1 the current working directory or 2 a certain subdirectory of the current working directory...

SUSE CVE-2010-0298

The x86 emulator in KVM 83 does not use the Current Privilege Level CPL and I/O Privilege Level IOPL in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging access to a 1 IO...