13 matches found
Unity Linux 20.1070e Security Update: python3 (UTSA-2025-987414)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987414 advisory. A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing th...
EUVD-2023-34241
Malicious code in bioql PyPI...
AZL-50757 CVE-2024-9287 affecting package python3 for versions less than 3.9.19-11
A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts, i.e. "source venv/bin/activate". This means that...
ALPINE-CVE-2024-9287
A vulnerability has been found in the CPython venv module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts, i.e. "source venv/bin/activate". This means that...
Avira Password Manager Browser Extensions Security Vulnerability
Avira Password Manager Browser Extensions is password management software by Little Red Umbrella. It is designed for Chrome and can also be used in Edge browsers, so that users can manage their passwords on the web. A security vulnerability exists in Avira Password Manager Browser...
CVE-2021-32773
Racket is a general-purpose programming language and an ecosystem for language-oriented programming. In versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to incorrectly use attacker-created modules instead of their intended dependencies. This could allow...
[ASA-202107-39] racket: sandbox escape
Arch Linux Security Advisory ASA-202107-39. Severity: Medium. Date: 2021-07-20. CVE-ID: CVE-2021-32773. Package: racket. Type: sandbox escape. Remote: Yes. Link: https://security.archlinux.org/AVG-2175. Summary: The package racket before version 8.2...
CVE-2021-32773 Confused deputy attack in sandbox module resolution
Racket is a general-purpose programming language and an ecosystem for language-oriented programming. In versions prior to 8.2, code evaluated using the Racket sandbox could cause system modules to incorrectly use attacker-created modules instead of their intended dependencies. This could allow...
Vulnerability Spotlight: Multiple vulnerabilities in SoftMaker Office TextMaker
A Cisco Talos team member discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered multiple vulnerabilities in SoftMaker's TextMaker software. A user could trigger these vulnerabilities by opening an attacker-created, malicious document. An adversary could use these...
A vulnerability in the Windows operating system kernel allows an attacker to gain unauthorized access to protected information.
The vulnerability in the Windows operating system kernel is related to errors in memory object handling. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information through a specially created application...
CVE-2019-6530
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user causing heap-based buffer overflows, which may lead to remote code execution...
CVE-2019-6532
Panasonic FPWIN Pro version 7.3.0.0 and prior allows attacker-created project files to be loaded by an authenticated user triggering incompatible type errors because the resource does not have expected properties. This may lead to remote code execution...
A vulnerability in the Windows operating system allows an attacker to execute arbitrary code in the context of the current user.
The vulnerability in the Windows operating system exists due to improper handling of the event log file. The vulnerability can be exploited by opening an event log file created by the attacker. As a result of exploiting this vulnerability, an attacker who operates remotely can execute arbitrary...