EUVD-2018-0758

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2018-5764

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The parsearguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers to bypass ...

golang: improper validation of cgo flags can lead to code execution at build time

An input validation vulnerability was found in Go. If cgo is specified in a Go file, it is possible to bypass the validation of arguments to the gcc compiler. This flaw allows an attacker to create a malicious repository that can execute arbitrary code when downloaded and run via go get or go bui...

DEBIAN-CVE-2017-18367

libseccomp-golang 0.9.0 and earlier incorrectly generates BPFs that OR multiple arguments rather than ANDing them. A process running under a restrictive seccomp filter that specified multiple syscall arguments could bypass intended access restrictions by specifying a single matching argument...

CVE-2017-1000365

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMITSTACK/RLIMINFINITY 1/4 of the size, but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel version...

openSUSE 10 Security Update : samba (samba-3349)

Specially crafted MS-RPC packets could overwrite heap memory and therfore could potentially be exploited to execute code CVE-2007-2446. Authenticated users could leverage specially crafted MS-RPC packets to pass arguments unfiltered to /bin/sh CVE-2007-2447. %NASLMINLEVEL 70300 C Tenable Network...