Open Source Social Network Encryption Problem Vulnerability

Open Source Social Network OSSN is a source social network engine by the Swiss Ossn team. An encryption vulnerability exists in OSSN 5.3 and earlier versions. The vulnerability can be exploited to read arbitrary files by performing a brute force attack on a SiteKey to insert a specially crafted U...

The vulnerability of NVIDIA GeForce, Quadro, and Tesla graphics software lies in errors during the path validation of dynamically loaded libraries, allowing attackers to exploit this to increase their privileges.

The vulnerability of NVIDIA GeForce, Quadro, and Tesla graphics processors’ software is related to errors in checking the path where dynamically loaded libraries are loaded. Exploiting this vulnerability can allow attackers to increase their privileges...

Debian DLA-2092-1 : qtbase-opensource-src security update

In Qt5's plugin loader code as found in qtbase-opensource-src, it was possible to side-load plugins from 'the' local folder in addition to a system-widely defined library path. For Debian 8 'Jessie', this problem has been fixed in version 5.3.2+dfsg-4+deb8u4. We recommend that you upgrade your...

The vulnerability of the Cisco Webex Meetings Client and Cisco Webex Team software-related programs is related to deficiencies in access control, allowing attackers to execute arbitrary code.

The vulnerability of the Cisco Webex Meetings Client and Cisco Webex Team software-related programs is related to errors in the mechanism for checking paths to dynamically linked libraries. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

CVE-2019-19726

OpenBSD through 6.6 allows local users to escalate to root because a check for LDLIBRARYPATH in setuid programs can be defeated by setting a very small RLIMITDATA resource limit. When executing chpass or passwd which are setuid root, dlsetupenv in ld.so tries to strip LDLIBRARYPATH from the...

PT-2019-15929 · Openbsd · Openbsd

Name of the Vulnerable Software and Affected Versions: OpenBSD versions through 6.6 Description: The issue allows local users to escalate to root because a check for LD LIBRARY PATH in setuid programs can be defeated by setting a very small RLIMIT DATA resource limit. When executing chpass or...

DEBIAN-CVE-2010-3359

If LDLIBRARYPATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. This can allow a local user to trick another user into running gargoyle in a directory with a cracked libgarglk.so and gain access to the user's account...

CVE-2019-12917

A reflected XSS vulnerability exists in Quest KACE Systems Management Appliance Server Center 9.1.317 affecting the userui/softwarelibrary.php component via the PATHINFO...

The vulnerability of the ServiceInstance.dll library in the Bitdefender Antivirus Free 2020 antivirus software allows a malicious actor to escalate their privileges.

The vulnerability of the ServiceInstance.dll library in the Bitdefender Antivirus Free 2020 antivirus tool is related to errors in checking the paths of dynamically loaded libraries. Exploiting this vulnerability can allow attackers to increase their privileges...

Private Internet Access (PIA) VPN Client Arbitrary Code Execution Vulnerability (CNVD-2019-24217)

Private Internet Access PIA is a commercial VPN service operated by London Trust Media. An arbitrary code execution vulnerability exists in the London Trust Media Private Internet Access PIA VPN client for Linux, version 82. An attacker can exploit this vulnerability by creating a malicious libra...

CVE-2019-13046

linker/linker.c in ToaruOS through 1.10.9 has insecure LDLIBRARYPATH handling in setuid applications...

PT-2019-13093 · Toaruos · Toaruos

Name of the Vulnerable Software and Affected Versions: ToaruOS versions prior to 1.10.10 Description: The issue is related to insecure LD LIBRARY PATH handling in setuid applications. This affects setuid applications, which have elevated privileges. Recommendations: For ToaruOS versions prior to...

The vulnerability of the McAfee Total Protection antivirus protection, related to errors in checking the loading path of dynamic libraries, allows a hacker to execute arbitrary code.

The vulnerability of the McAfee Total Protection antivirus protection lies in errors during the checking of the path where dynamic libraries are loaded. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

idreamsoft iCMS Physical Path Disclosure Vulnerability

iCMS is an efficient and simple content management system built with PHP and MySQL. A physical path leak vulnerability exists in idreamsoft iCMS version 7.0.7 and lower. An attacker can obtain the physical path by displaying an invalid nickname field in the core/library/weixin.class.php pathname...

Damon Database Override Access Vulnerability

DM7 is a new-generation database product designed by Damon on the basis of summarizing the R&D and application experience of DM series products, absorbing the advantages of mainstream database products, and adopting JAVA-like virtual machine technology. Damon database has override access...

DEBIAN-CVE-2017-1000409

A buffer overflow in glibc 2.5 released on September 29, 2006 and can be triggered through the LDLIBRARYPATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366...

glibc buffer overflow vulnerability (CNVD-2018-04663)

glibc a.k.a. GNU C Library, libc6 is an open-source, free C language compiler released under the LGPL license. A buffer overflow vulnerability exists in glibc version 2.5 because the program fails to properly resolve the LDLIBRARYPATH environment variable. A local attacker can use the LDLIBRARYPA...

UBUNTU-CVE-2017-1000409

A buffer overflow in glibc 2.5 released on September 29, 2006 and can be triggered through the LDLIBRARYPATH environment variable. Please note that many versions of glibc are not vulnerable to this issue if patched for CVE-2017-1000366...

PT-2017-4207

Name of the Vulnerable Software and Affected Versions glibc version 2.5 Description The issue is related to a buffer overflow that can be triggered through the LD LIBRARY PATH environment variable. This allows an attacker to access confidential data, compromise its integrity, and cause a denial o...

Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program may insecurely load Dynamic Link Libraries

Overview Installer of Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program provided by Agency for Natural Resources and Energy of METI contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. Eili Masami of Tachibana Lab. reported this...