11 matches found
EUVD-2007-4221
Malware in sbrugna...
EUVD-2022-45526
Malicious code in bioql PyPI...
TencentOS Server 3: GNOME (TSSA-2022:0108)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2022:0108 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
Unauthorized File Manipulation
ansible-core is vulnerable to Unauthorized File Manipulation. The vulnerability is due to the user module allowing an unprivileged user with directory traversal permissions to create or replace files on any system path and gain ownership when a privileged user executes the module against the...
PT-2024-39334 · Unknown · Sourcecodester Online Eyewear Shop
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Eyewear Shop version 1.0. Description: A critical vulnerability has been found in the Cart Content Handler component of the SourceCodester Online Eyewear Shop. This issue affects an unknown part of the file...
Potential Ownership Issues Due to External Calls in LSP0ERC725AccountCore's execute and executeBatch Functions
Vulnerability details. Impact: In the LSP0ERC725AccountCore contract, the execute and executeBatch functions use the LSP20CallVerification standard. In some cases, you may need to use verifyCallAfter. However, because an external call is made between verifyCall and verifyCallAfter, th...
OPENSUSE-SU-2020:1868-1 Security update for salt
This update for salt fixes the following issues: - Avoid regression on 'salt-master': set passphrase for salt-ssh keys to empty string bsc1178485 - Properly validate eauth credentials and tokens on SSH calls made by Salt API bsc1178319, bsc1178362, bsc1178361, CVE-2020-25592, CVE-2020-17490,...
MGASA-2019-0214 Updated gvfs packages fix security vulnerabilities
Updated gvfs package fixes security vulnerabilities: daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used (CVE-2019-12447). daemon/gvfsbackendadmin.c has race conditions because the admin backend doesn't implement query_info_on_read/write (CVE-2019-12448)...
OPENSUSE-SU-2019:1699-1 Security update for gvfs
This update for gvfs fixes the following issues: Security issues fixed: - CVE-2019-12795: Fixed a vulnerability which could have allowed attacks via local D-Bus method calls bsc1137930. - CVE-2019-12447: Fixed an improper handling of file ownership in daemon/gvfsbackendadmin.c due to no use of...
ecryptfs-utils: incorrect mtab group ownership
When mount.ecryptfs_private before version 87-0ubuntu1.2 calls setreuid it doesn't also set the effective group id. So when it creates the new version, mtab.tmp, it's created with the group id of the user running mount.ecryptfs_private...
slocate security update
CentOS Errata and Security Advisory CESA-2005:345 An updated slocate package that fixes a denial of service and various bugs is now available. This update has been rated as having low security impact by the Red Hat Security Response Team. Slocate is a security-enhanced version of locate. Like...