EUVD-2025-15553

Malicious code in bioql PyPI...

EUVD-2024-17337

Malicious code in bioql PyPI...

EUVD-2023-48779

Malicious code in bioql PyPI...

EUVD-2023-48777

Malicious code in bioql PyPI...

EulerOS 2.0 SP13 : glibc (EulerOS-SA-2025-1988)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of...

Linux Distros Unpatched Vulnerability : CVE-2022-25634

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Qt through 5.15.8 and 6.x through 6.2.3 can load system library files from an unintended working directory. CVE-2022-25634 Note that Nessus relies on the presen...

curl: Title: Remote Code Execution (RCE) via Arbitrary Library Loading in `--engine` option

Summary: The curl command-line tool is vulnerable to Arbitrary Code Execution on POSIX-like systems Linux, macOS, etc.. The --engine option allows loading an OpenSSL crypto engine from a shared library .so file. Crucially, this option accepts an absolute or relative path to the library file,...

EulerOS 2.0 SP12 : glibc (EulerOS-SA-2025-1819)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2025-1774)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : glibc (EulerOS-SA-2025-1797)

According to the versions of the glibc packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of...

USN-7623-1 ghostscript vulnerabilities

It was discovered that OpenJPEG, vendored in Ghostscript did not correctly handle large image files. If a user or system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu...

CLSA-2025-1750692029 glibc: Fix of CVE-2025-4802

CVE-2025-4802: fix untrusted LDLIBRARYPATH vulnerability in dynamically shared library loading in setuid binaries to prevent attacker control...

CLSA-2025-1750697072 glibc: Fix of CVE-2025-4802

CVE-2025-4802: fix issue of untrusted LDLIBRARYPATH environment variable vulnerability by restricting loading of dynamically shared libraries in statically compiled setuid binaries...

Important: glibc

Issue Overview: Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to...

glibc: static setuid binary dlopen may incorrectly search LD_LIBRARY_PATH

A flaw was found in the glibc library. A statically linked setuid binary that calls dlopen, including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo, may incorrectly search LDLIBRARYPATH to determine which library to load, allowing a local attacker to load...

Security update for glibc

This update for glibc fixes the following issues: CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317. Patch Instructions: To install this SUSE update use the SUSE recommended...

SUSE-SU-2025:01702-2 Security update for glibc

This update for glibc fixes the following issues: - CVE-2025-4802: possible execution of attacker controlled code when statically linked setuid binaries using dlopen search for libraries to load in LDLIBRARYPATH bsc1243317...

Blackmagic Design DaVinci Resolve 安全漏洞

Blackmagic Design DaVinci Resolve is a software tool that combines editing, color correction, visual effects, motion graphics, and audio post-production in one package. A security vulnerability exists in Blackmagic Design DaVinci Resolve, which stems from insufficient dynamic library loading...

CVE-2025-4412

On macOS systems, by utilizing a Launch Agent and loading the viscosityopenvpn process from the application bundle, it is possible to load a dynamic library with Viscosity's TCC Transparency, Consent, and Control identity. The acquired resource access is limited without entitlements such as acces...

Mageia: Security Advisory (MGASA-2025-0164)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...