142 matches found
Unity Linux 20.1070e Security Update: yasm (UTSA-2025-680613)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680613 advisory. An issue was discovered in yasm version 1.3.0. There is a heap-buffer-overflow in incfopen in modules/preprocs/nasm/nasm-pp.c. Tenable has extracted the preceding...
EUVD-2023-59899
Malicious code in bioql PyPI...
Medium: redis6
Issue Overview: TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen"w" on the history path and subsequent chmod on the same path. CVE-2025-9810 Affected Packages: redis6 Issue Correction: Run dnf...
Linux Distros Unpatched Vulnerability : CVE-2023-53290
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out o...
SUSE CVE-2023-53290
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...
DEBIAN-CVE-2023-53290
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...
UBUNTU-CVE-2023-53290
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...
CVE-2023-53290 samples/bpf: Fix fout leak in hbm's run_bpf_prog
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...
CVE-2023-53290 samples/bpf: Fix fout leak in hbm's run_bpf_prog
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...
CVE-2023-53290 samples/bpf: Fix fout leak in hbm's run_bpf_prog
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...
CVE-2023-53290
In the Linux kernel, the following vulnerability has been resolved: samples/bpf: Fix fout leak in hbm's runbpfprog Fix fout being fopen'ed but then not subsequently fclose'd. In the affected branch, fout is otherwise going out of scope...
PT-2025-37895
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The Linux kernel contains an issue in the samples/bpf subsystem related to a file descriptor leak within the run bpf prog function of the hbm program. Specifically, a file descriptor...
Linux Distros Unpatched Vulnerability : CVE-2020-1918
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In-memory file operations ie: using fopen on a data URI did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory...
CLSA-2025-1757014652 Fix CVE(s): CVE-2025-1217, CVE-2025-1734, CVE-2025-1736, CVE-2025-1861
SECURITY UPDATE: misinterpretation of HTTP response headers - debian/patches/CVE-2025-1217.patch: adds HTTP header folding support for HTTP wrapper response headers in ext/standard/httpfopenwrapper.c - CVE-2025-1217 SECURITY UPDATE: insufficient HTTP header validation -...
CVE-2025-9810 TOCTOU race in Linenoise enables arbitrary file overwrite and permission changes
TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen"w" on the history path and subsequent chmod on the same path...
CVE-2025-9810
TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen"w" on the history path and subsequent chmod on the same path...
GTKWave LXT2 num_time_table_entries out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2023-1819 GTKWave LXT2 numtimetableentries out-of-bounds write vulnerability January 8, 2024 CVE Number CVE-2023-34436 SUMMARY An out-of-bounds write vulnerability exists in the LXT2 numtimetableentries functionality of GTKWave 3.3.115. A specially crafted .lxt2...
CVE-2023-47636 Full Path Disclosure via re-export document in pimcore/admin-ui-classic-bundle
The Pimcore Admin Classic Bundle provides a Backend UI for Pimcore. Full Path Disclosure FPD vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the loadfile within a SQL Injection query to view the page...
pimcore/admin-ui-classic-bundle Full Path Disclosure via re-export document
Impact Full Path Disclosure FPD vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the loadfile within a SQL Injection query to view the page source, require the attacker to have the full path to the file...
PT-2023-30526 · Pimcore · Pimcore Admin Classic Bundle
Name of the Vulnerable Software and Affected Versions: Pimcore Admin Classic Bundle versions prior to 1.2.1 Description: The issue allows an attacker to see the path to the webroot/file, which can be used in conjunction with other vulnerabilities, such as SQL Injection using the load file query, ...