570 matches found
Exploit for Out-of-bounds Write in Polkit_Project Polkit
pkexec-exploit Local Privilege Escalation in polkit's pkexec...
netty: Information disclosure via the local system temporary directory
In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the...
Vim 资源管理错误漏洞
Vim is a UNIX-based editor. Vim is vulnerable to resource management errors, and no detailed vulnerability details are currently available...
Onionservice - Manage Your Onion Services Via CLI Or TUI On Unix-like Operating System With A POSIX Compliant Shell
Feature-rich Onion Service manager for UNIX-like operating systems written in POSIX conformant shellscript A collection of Onion Services features implemented for Unix-like systems following the Portable Operating System Interface standard. WARNING:do not trust this repo yet, backup your hs keys ...
netty: Information disclosure via the local system temporary directory
In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the...
IBM DB2 加密问题漏洞
IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. An information disclosure vulnerability exists in IBM DB2 for Linux, UNIX, and Windows, which stems fr...
ALBA-2021:4533 ibus bug fix update
The Intelligent Input Bus IBus is an input method framework for multilingual input in Unix-like operating systems. Bug fix: Previously, in GNOME Wayland desktop in AlmaLinux 8.5, the IBus emoji candidate pop-up was used with IBus UI and the selected candidate could not inserted into the target...
Remote Code Execution (RCE)
Gradle is vulnerable to remote code execution. start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. This may impact those who use gradlew o...
netty: Information disclosure via the local system temporary directory
In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the...
Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Netty
Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Netty. Vulnerability Details CVEID: CVE-2021-21290 DESCRIPTION: Netty could allow a local authenticated attacker to obtain sensitive information, caused by an insecure temp file in Unix-like systems. By sendi...
netty: Information disclosure via the local system temporary directory
In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the...
Segmentation fault in time
Impact Unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires an environment variable to be set in a different thread than the affected functions. This may occur without the user's knowledge, notably in a third-party library. The...
netty: Information disclosure via the local system temporary directory
In Netty there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used, a local information disclosure can occur via the local system temporary directory if temporary storing uploads on the disk is enabled. On unix-like systems, the...
Oracle Solaris has an unspecified vulnerability (CNVD-2021-54716)
Oracle Solaris is a Unix-like operating system, and a security vulnerability exists in the Kernel component of Oracle Solaris version 11. An attacker could use the vulnerability to update, insert, or remove unauthorized access to certain data accessible to the product, and cause a partial denial ...
CVE-2021-32751
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. Thi...
CVE-2021-32751
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. Thi...
CVE-2021-32751
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. Thi...
Command injection
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. Thi...
CVE-2021-32751
CVE-2021-32751 affects Gradle up to version 7.1. Vulnerability: start scripts generated by the application plugin and the gradlew script may be abused to execute arbitrary code if an attacker can change environment variables seen by the vulnerable scripts (Unix-like systems). Root cause: use of e...
CVE-2021-32751 Arbitrary code execution via specially crafted environment variables
Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the application plugin and the gradlew script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. Thi...