CVE-2026-35339

The CVE-2026-35339 entry concerns the recursive mode (-R) of uutils coreutils chmod. Affected component: chmod in uutils coreutils. Issue: exit codes are determined by the last file processed, allowing an exit code of 0 despite prior errors (e.g., Operation not permitted). Impact: scripts relying...

uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils Open Source. There is a security vulnerability in uutils coreutils, which stems from defects in the ChownExecutor used for chown and chgrp operations. This causes the utility to return an incorrect exit code during...

PT-2026-34475

The recursive mode -R of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multiple files. The final return value is determined solely by the success or failure of the last file processed. This allows the command to return an exit code of 0 success even if error...

Linux Distros Unpatched Vulnerability : CVE-2026-35339

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The recursive mode -R of the chmod utility in uutils coreutils incorrectly handles exit codes when processing multiple files. The final return value is determin...

PT-2026-34476

A flaw in the ChownExecutor used by uutils coreutils chown and chgrp causes the utilities to return an incorrect exit code during recursive operations. The final exit code is determined only by the last file processed. If the last operation succeeds, the command returns 0 even if earlier ownershi...

uutils coreutils 安全漏洞

uutils coreutils is a cross-platform core command-line toolset developed by Uutils. There is a security vulnerability in uutils coreutils. This vulnerability stems from the recursive processing mode of the chmod utility, which improperly handles exit codes when processing multiple files. As a...

Critical Node.js Vulnerability Can Cause Server Crashes via async_hooks Stack Overflow

Node.js has released updates to fix what it described as a critical security issue impacting "virtually every production Node.js app" that, if successfully exploited, could trigger a denial-of-service DoS condition. "Node.js/V8 makes a best-effort attempt to recover from stack space exhaustion wi...

EUVD-2006-0462

Malware in sbrugna...

CVE-2025-34186 Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication mechanism. Unsanitized input is passed to a system call for authentication, allowing attackers to inject special characters and manipulate command parsing. Because the binary interprets non-zero exit...

📄 Ilevia EVE X1/X5 Server 4.7.18.0.eden Authentication Bypass

Ilevia EVE X1/X5 Server versions 4.7.18.0.eden and below construct a shell command using unsanitized user input passed to the system function, calling an external binary for authentication. Due to improper input handling and reliance on the binary's return value for access control, an attacker ca...

`gh attestation verify` returns incorrect exit code during verification if no attestations are present

...

GO-2025-3467 `gh attestation verify` returns incorrect exit code during verification if no attestations are present in github.com/cli/cli

gh attestation verify returns incorrect exit code during verification if no attestations are present in github.com/cli/cli...

GHSA-FGW4-V983-MGP8 `gh attestation verify` returns incorrect exit code during verification if no attestations are present

Summary A bug in GitHub's Artifact Attestation CLI tool, gh attestation verify, may return an incorrect zero exit status when no matching attestations are found for the specified --predicate-type or the default https://slsa.dev/provenance/v1 if not specified. This issue only arises if an artifact...

AZL-56402 CVE-2024-45339 affecting package glog for versions less than 0.3.5-16

When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...

Error: "Uninstalling StoreFront Failed With Exit code -1" While Uninstalling StoreFront

The following message appears whileuninstalling StoreFront: Uninstalling StoreFront failed with exit code -1...

Akaunting 3.1.3 Remote Command Execution

Exploit Title: Akaunting 3.1.3 - RCE Date: 08/02/2024 Exploit Author: [email protected] Vendor Homepage: https://akaunting.com Software Link: https://github.com/akaunting/akaunting Version: = 3.1.3 Tested on: Ubuntu 22.04 CVE : CVE-2024-22836 !/usr/bin/python3 import sys import re import requests...

SUSE CVE-2006-0455

gpgv in GnuPG before 1.4.2.1, when using unattended signature verification, returns a 0 exit code in certain cases even when the detached signature file does not carry a signature, which could cause programs that use gpgv to assume that the signature verification has succeeded. Note: this also...

RUSTSEC-2022-0103 Incorrect signature verification on gzip-compressed install images

The coreos-installer is a program to fetch a disk image and stream it to a target disk. During the installation process the installation image gpg signatures are verified. The signature verification can be bypassed for gzip-compressed images due to a flaw in gzip coreos-installer wrapper. When th...

unzip security update

6.0-43 - Update the man page with the new exit code introduced in 6.0-42 - Related: CVE-2019-13232 6.0-42 - Fix CVE-2019-13232 - Resolves: CVE-2019-13232...

Flaw in `realloc` allows reading unknown memory

When reallocing, if we allocate new space, we need to copy the old allocation's bytes into the new space. There are oldsize number of bytes in the old allocation, but we were accidentally copying newsize number of bytes, which could lead to copying bytes into the realloc'd space from past the chu...