93 matches found
[SECURITY] Fedora 36 Update: golang-github-mvo5-uboot-0.4-11.fc36
Small Go package/app to read/write uboot env files that contain crc32 + 1 byte padding. Unlike fwset,printenv it does not needs a /etc/fwenv.config conf ig file...
[SECURITY] Fedora 35 Update: golang-github-mvo5-uboot-0.4-10.fc35
Small Go package/app to read/write uboot env files that contain crc32 + 1 byte padding. Unlike fwset,printenv it does not needs a /etc/fwenv.config conf ig file...
CVE-2021-43337
SchedMD Slurm 21.08. before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=jobscript and/or jobenv options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access...
CVE-2021-43337
SchedMD Slurm 21.08. before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=jobscript and/or jobenv options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access...
UBUNTU-CVE-2021-43337
SchedMD Slurm 21.08. before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=jobscript and/or jobenv options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access...
CVE-2021-43337
SchedMD Slurm 21.08. before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=jobscript and/or jobenv options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access...
CVE-2021-43337
SchedMD Slurm 21.08. before 21.08.4 has Incorrect Access Control. On sites using the new AccountingStoreFlags=jobscript and/or jobenv options, the access control rules in SlurmDBD may permit users to request job scripts and environment files to which they should not have access...
CVE-2020-16127
An Ubuntu-specific modification to AccountsService in versions before 0.6.55-0ubuntu13.2, among other earlier versions, would perform unbounded read operations on user-controlled /.pamenvironment files, allowing an infinite loop if /dev/zero is symlinked to this location...
CVE-2017-1000037
RVM automatically loads environment variables from files in $PWD resulting in command execution RVM vulnerable to command injection when automatically loading environment variables from files in $PWD RVM automatically executes hooks located in $PWD resulting in code execution RVM automatically...
BSA-2016-015
Security Advisory ID : BSA-2016-015 Component : OpenSSH Revision : 3.0: Final The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain...
USN-2966-1 openssh vulnerabilities
Shayan Sadigh discovered that OpenSSH incorrectly handled environment files when the UseLogin feature is enabled. A local attacker could use this issue to gain privileges. CVE-2015-8325 Ben Hawkes discovered that OpenSSH incorrectly handled certain network traffic. A remote attacker could possibl...
CVE-2015-8325
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...
UBUNTU-CVE-2015-8325
The dosetupenv function in session.c in sshd in OpenSSH through 7.2p2, when the UseLogin feature is enabled and PAM is configured to read .pamenvironment files in user home directories, allows local users to gain privileges by triggering a crafted environment for the /bin/login program, as...