
260 matches found

RedhatCVE
added 2025/05/22 8:33 a.m. · 5 views

CVE-2019-6692

A malicious DLL preload vulnerability in Fortinet FortiClient for Windows 6.2.0 and below allows a privileged attacker to perform arbitrary code execution via forging that DLL...

7.8 CVSS · 7.6 AI score · 0.00511 EPSS
Exploits 0 · References 1
SUSE CVE
added 2025/02/27 3:3 a.m. · 1 views

SUSE CVE-2022-49647

In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading css_sets for migration Each cset (css_set) is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...

5.5 CVSS · 6 AI score · 0.00276 EPSS
Exploits 0 · References 10
OSV
added 2025/02/26 7:1 a.m. · 0 views

UBUNTU-CVE-2022-49647

In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading css_sets for migration Each cset (css_set) is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...

7.8 CVSS · 6 AI score · 0.00276 EPSS
Exploits 0 · References 10
OSV
added 2024/11/26 12:15 p.m. · 2 views

DEBIAN-CVE-2023-1521

On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LD_PRELOAD. If the server is run as root which is the default when installing the snap package https://snapcraft.io/sccache , this means a user...

7.8 CVSS · 5.9 AI score · 0.00359 EPSS
Exploits 2 · References 1
OSV
added 2024/11/26 12:15 p.m. · 0 views

UBUNTU-CVE-2023-1521

On Linux the sccache client can execute arbitrary code with the privileges of a local sccache server, by preloading the code in a shared library passed to LD_PRELOAD. If the server is run as root which is the default when installing the snap package https://snapcraft.io/sccache , this means a user...

7.8 CVSS · 6.1 AI score · 0.00359 EPSS
Exploits 2 · References 4
BDU FSTEC
added 2024/09/17 12:0 a.m. · 3 views

The vulnerability of Git servers in Soft Serve mode arises from the lack of measures to neutralize special elements used in the operating system’s command line. This allows attackers to execute arbitrary code.

The vulnerability of the Git server in Soft Serve relates to the lack of measures taken to neutralize special elements used in the operating system’s command set. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially created malware file through t...

8.5 CVSS · 6 AI score · 0.00509 EPSS
Exploits 0 · References 5 · Affected Software 1
Positive Technologies
added 2024/08/09 12:0 a.m. · 3 views

PT-2024-29904 · Litestar · Litestar

Name of the Vulnerable Software and Affected Versions: Litestar versions 2.10.0 and prior Description: The issue is related to Environment Variable injection in Litestar's docs-preview.yml workflow, which may lead to secret exfiltration and repository manipulation. This grants a malicious actor...

8.3 CVSS · 8.2 AI score · 0.00614 EPSS
Exploits 0 · References 13
OSV
added 2024/07/31 9:15 a.m. · 1 views

CVE-2024-32857

Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege...

7.8 CVSS · 6.3 AI score · 0.00199 EPSS
Exploits 0 · References 1
Positive Technologies
added 2024/07/24 12:0 a.m. · 3 views

PT-2024-6167 · Unknown +2 · Soft Serve +2

Name of the Vulnerable Software and Affected Versions: Soft Serve versions prior to 0.7.5 Description: The issue is related to Soft Serve passing all environment variables given by the client to git subprocesses, including variables that control program execution, such as LD_PRELOAD. This can be...

8.6 CVSS · 8.1 AI score · 0.00509 EPSS
Exploits 0 · References 12
CNNVD
added 2024/04/08 12:0 a.m. · 3 views

Huawei HarmonyOS Security Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS, which stems from a forensic vulnerability in the preload interface...

7.5 CVSS · 6.8 AI score · 0.00353 EPSS
Exploits 0 · References 3
BDU FSTEC
added 2024/01/15 12:0 a.m. · 2 views

The vulnerability of the OpenVPN Connect software lies in its inability to properly execute instructions in the dynamically executed code, allowing a violator to execute arbitrary code.

The vulnerability of the OpenVPN Connect software is related to the failure to implement measures to neutralize the instructions in the dynamically executed code. Exploiting this vulnerability can allow an attacker to execute arbitrary code using the DYLD_INSERT_LIBRARIES environment variable...

7.8 CVSS · 7.7 AI score · 0.00239 EPSS
Exploits 0 · References 3 · Affected Software 1
Hacker One
added 2023/11/15 1:23 a.m. · 47 views

curl: Buffer overflow and affected url:-https://github.com/curl/curl/blob/master/docs/examples/hsts-preload.c

Vulnerability description not provided...

7.1 AI score
Exploits 0
RedHat Linux
added 2023/11/14 3:46 p.m. · 2 views

kernel: cgroup: Use separate src/dst nodes when preloading css_sets for migration

In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading css_sets for migration Each cset (css_set) is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...

7.8 CVSS · 6 AI score · 0.00276 EPSS
Exploits 0 · References 5
ATTACKERKB
added 2023/07/05 8:15 p.m. · 4 views

CVE-2023-27199

PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks...

6.7 CVSS · 6.7 AI score · 0.00212 EPSS
Exploits 0 · References 3
OSV
added 2023/07/05 8:15 p.m. · 2 views

CVE-2023-27199

PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks...

6.7 CVSS · 5.8 AI score · 0.00212 EPSS
Exploits 0 · References 2
CNNVD
added 2023/07/05 12:0 a.m. · 4 views

PAX Technology A930 Security Vulnerability

PAX Technology A930 is an Android mobile payment terminal from PAX Global PAX Technology, China. A security vulnerability exists in the PAX A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 version, which originates from a vulnerability that allows an attacker to compile malicious shared libraries and bypa...

6.7 CVSS · 6.6 AI score · 0.00212 EPSS
Exploits 0 · References 2
Positive Technologies
added 2023/07/05 12:0 a.m. · 6 views

PT-2023-21000 · Pax Technology · Pax Technology A930 Paydroid

Name of the Vulnerable Software and Affected Versions: PAX Technology A930 PayDroid version 7.1.1 Virgo V04.5.02 20220722 Description: The issue allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks. This can be achieved by utilizing the LD_PRELO...

6.7 CVSS · 6.9 AI score · 0.00212 EPSS
Exploits 0 · References 7
Positive Technologies
added 2023/06/30 12:0 a.m. · 3 views

PT-2023-22169 · Malwarebytes · Malwarebytes Edr

Name of the Vulnerable Software and Affected Versions: Malwarebytes EDR version 1.0.11 for Linux Description: The Malwarebytes EDR for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. An attacker can exploit...

7.8 CVSS · 7.7 AI score · 0.00298 EPSS
Exploits 0 · References 6
Snyk
added 2023/05/30 8:19 a.m. · 1 views

Malicious Package

Overview application-delivery-tool-preload-expo is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only...

9.8 CVSS · 7.1 AI score
Exploits 0 · References 3
Positive Technologies
added 2023/05/30 12:0 a.m. · 6 views

PT-2023-17049 · Sccache +2 · Sccache +2

Name of the Vulnerable Software and Affected Versions: sccache versions prior to 0.4.0 Description: The sccache client can execute arbitrary code with the privileges of a local sccache server by preloading the code in a shared library passed to LD_PRELOAD. If the server is run as root, which is t...

8.1 CVSS · 8.5 AI score · 0.1446 EPSS
Exploits 4 · References 47