575 matches found
Vim 安全漏洞
Vim is an open-source, cross-platform text editor developed by Vim developers. Versions of Vim prior to 9.2.0202 contained security vulnerabilities. These vulnerabilities were caused by command injection through the glob function on Unix-like systems, which could lead to the execution of arbitrar...
SUSE CVE-2026-33412
Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...
📄 SmarterMail 100.0.9413 GUID File Remote Code Execution
This PHP code implements a fully automated remote exploitation framework targeting SmarterMail version 100.0.9413. It is designed to identify the service, determine the underlying operating system, abuse a file upload mechanism with path traversal, and achieve arbitrary file write leading to remo...
Directory Traversal
Overview @pnpm/package-bins is a that returns bins of a package. Affected versions of this package are vulnerable to Directory Traversal via the getBinsFromPackageManifest function. An attacker can modify file permissions outside the intended directory by supplying a crafted value in the...
CVE-2023-54098
In the Linux kernel, the following vulnerability has been resolved: drm/i915/gvt: fix gvt debugfs destroy When gvt debug fs is destroyed, need to have a sane check if drm minor's debugfs root is still available or not, otherwise in case like device remove through unbinding, drm minor's debugfs...
CVE-2025-68336
In the Linux kernel, the following vulnerability has been resolved: locking/spinlock/debug: Fix data-race in dorawwritelock KCSAN reports: BUG: KCSAN: data-race in dorawwritelock / dorawwritelock write marked to 0xffff800009cf504c of 4 bytes by task 1102 on cpu 1: dorawwritelock+0x120/0x204...
CVE-2025-58436
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. Prior to version 2.4.15, a client that connects to cupsd but sends slow messages, e.g. only one byte per second, delays cupsd as a whole, such that it becomes unusable by other clients. This issue...
ROS-20251124-02
Vulnerability of the software tool for implementing network routing on Unix-like systems FRRouting is related to insufficient validation of OSPF LSA packets in the ospfteparsete function in ospfd/ospfte.c. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial...
[SECURITY] Fedora 43 Update: dovecot-2.4.1-8.fc43
Dovecot is an IMAP server for Linux/UNIX-like systems, written with security primarily in mind. It also contains a small POP3 server. It supports mail in either of maildir or mbox formats. The SQL drivers and authentication plug-ins are in their subpackages...
[SECURITY] Fedora 42 Update: qt5-qtx11extras-5.15.18-1.fc42
The X11 Extras module provides features specific to platforms using X11, e.g. Linux and UNIX-like systems including embedded Linux systems that use the X Window System...
UBUNTU-CVE-2025-10680
OpenVPN 2.7alpha1 through 2.7beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use...
SUSE CVE-2025-10680
OpenVPN 2.7alpha1 through 2.7beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use...
CVE-2025-10680
OpenVPN 2.7alpha1 through 2.7beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use...
EUVD-2025-35830
OpenVPN 2.7alpha1 through 2.7beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use...
CVE-2023-53726
In the Linux kernel, the following vulnerability has been resolved: arm64: csum: Fix OoB access in IP checksum code for negative lengths Although commit c2c24edb1d9c "arm64: csum: Fix pathological zero-length calls" added an early return for zero-length input, syzkaller has popped up with an...
Medium: cups
Issue Overview: A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in th...
EUVD-2021-0688
Malware in sbrugna...
EUVD-2021-0669
Malware in sbrugna...
EUVD-2021-16059
Malware in sbrugna...
EUVD-2021-1914
Malware in sbrugna...