EUVD-2022-3203

Malicious code in bioql PyPI...

LXD vulnerable to Race Condition

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice. Specific Go Packages Affected...

Design/Logic Flaw

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice...

CVE-2015-1340 chmod race in doUidshiftIntoContainer

LXD before version 0.19-0ubuntu5 doUidshiftIntoContainer has an unsafe Chmod call that races against the stat in the Filepath.Walk function. A symbolic link created in that window could cause any file on the system to have any mode of the attacker's choice...

FreeBSD : opera -- multiple vulnerabilities (44224e08-8306-11dc-9283-0016179b2dd5)

An advisory from Opera reports : If a user has configured Opera to use an external newsgroup client or e-mail application, specially crafted Web pages can cause Opera to run that application incorrectly. In some cases this can lead to execution of arbitrary code. When accessing frames from...

Scripts can overwrite functions on pages from other domains

When accesing frames from different Web sites, specially crafted scripts can bypass the same-origin policy, and overwrite functions from those frames. If scripts on the page then run those functions, this can cause the script of the attacker's choice to run in the context of the target Web site...