RUSTSEC-2020-0159 Potential segfault in `localtime_r` invocations

Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library...

Potential segfault in `localtime_r` invocations

Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library...

Design/Logic Flaw

In the git-tag-annotation-action open source GitHub Action before version 1.0.1, an attacker can execute arbitrary shell commands if they can control the value of the tag input or manage to alter the value of the GITHUBREF environment variable. The problem has been patched in version 1.0.1. If yo...

CVE-2020-15264

The Boxstarter installer before version 2.13.0 configures C:\ProgramData\Boxstarter to be in the system-wide PATH environment variable. However, this directory is writable by normal, unprivileged users. To exploit the vulnerability, place a DLL in this directory that a privileged service is looki...

CVE-2020-15264

The CVE-2020-15264 issue affects the Boxstarter installer prior to version 2.13.0, which places C:\ProgramData\Boxstarter on the system PATH. The directory is writable by non-privileged users, enabling DLL loading by a privileged service through a DLL such as WptsExtensions.dll. When Windows star...

CVE-2020-9934

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, macOS Catalina 10.15.6. A local user may be able to view sensitive user information...

Acronis: DLL Hijacking when sending feedback and crash report leading to Privilege Escalation

Vulnerability description not provided...

Information disclosure

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this...

CVE-2020-15228 Environment Variable Injection in GitHub Actions

In the @actions/core npm module before version 1.2.6,addPath and exportVariable functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment...

GHSA-MFWH-5M23-J46W Environment Variable Injection in GitHub Actions

Impact The @actions/core npm module addPath and exportVariable functions communicate with the Actions Runner over stdout by generating a string in a specific format. Workflows that log untrusted data to stdout may invoke these commands, resulting in the path or environment variables being modifie...

SUSE-SU-2020:2776-1 Security update for go1.15

go1.15 released 2020-08-11 Go 1.15 is a major release of Go. go1.15.x minor releases will be provided through August 2021. https://github.com/golang/go/wiki/Go-Release-Cycle Most changes are in the implementation of the toolchain, runtime, and libraries. As always, the release maintains the Go 1...

DEBIAN-CVE-2020-14370

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into...

OPENSUSE-SU-2020:1497-1 Security update for singularity

This update for singularity fixes the following issues: New version 3.6.3, addresses the following security issues: - CVE-2020-25039, boo1176705 When a Singularity action command run, shell, exec is run with the fakeroot or user namespace option, Singularity will extract a container image to a...

Command Injection

KildClient is vulnerable to command injection. Lack of validation of strings before launching the program specified by the BROWSER environment variable allows remote attackers to conduct argument-injection attacks via a malicious URL...

GNU Bash Environment Variable Handling Code Injection (Shellshock)

The remote web server is affected by a command injection vulnerability in GNU Bash known as Shellshock. The vulnerability is due to the processing of trailing strings after function definitions in the values of environment variables. This allows a remote attacker to execute arbitrary code via...

CVE-2020-15704 pppd arbitrary file read information disclosure vulnerability

The modprobe child process in the ./debian/patches/loadpppgenericifneeded patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBEOPTIONS environment variable to read arbitrary root files. Fixed in 2.4.5-5ubuntu1.4, 2.4.5-5.1ubuntu2.3+esm2,...

CVE-2017-17522

...

ctf-pwns

This repository contains a collection of CTF Capture The Flag challenges for training and education. The challenges are categorized into several folders, each containing a specific challenge. The challenges are designed to test various skills, including exploitation, reverse engineering, and...

CVE-2020-11934

It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...

CVE-2020-11934 Sandbox escape vulnerability via snapctl user-open (xdg-open)

It was discovered that snapctl user-open allowed altering the $XDGDATADIRS environment variable when calling the system xdg-open. OpenURL in usersession/userd/launcher.go would alter $XDGDATADIRS to append a path to a directory controlled by the calling snap. A malicious snap could exploit this t...