CVE-2026-35344 uutils coreutils dd Silent Data Corruption via Unconditional Truncation Error Suppression

The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While intended to mimic GNU behavior for special files like /dev/null, the uutils implementation also hides failures on regular files and directorie...

Linux Distros Unpatched Vulnerability : CVE-2026-35344

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dd utility in uutils coreutils suppresses errors during file truncation operations by unconditionally calling Result::ok on truncation attempts. While...

PT-2026-25571

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function cgi...

Siemens SIMATIC RTLS Locating Manager 输入验证错误漏洞

Siemens SIMATIC RTLS Locating Manager is an RTLS locating manager from Siemens, Germany. An input validation error vulnerability exists in Siemens SIMATIC RTLS Locating Manager versions prior to V3.2, which stems from improper validation of inputs to backup scripts, and could lead to the executio...

CVE-2024-56321

GoCD is a continuous deliver server. GoCD versions 18.9.0 through 24.4.0 inclusive can allow GoCD admins to abuse the backup configuration "post-backup script" feature to potentially execute arbitrary scripts on the hosting server or container as GoCD's user, rather than pre-configured scripts. I...

PT-2025-1151 · Gocd · Gocd

Name of the Vulnerable Software and Affected Versions: GoCD versions 18.9.0 through 24.4.0 Description: The issue exists due to incorrect restriction of the path name to a directory with limited access. This can allow a remote attacker to execute arbitrary code. Specifically, GoCD admins can abus...

PCI DSS Compliance - Information Leakage

The remote host is vulnerable to one or more conditions that are considered to be 'information leakage' and so are not automatic failures according to the PCI DSS Approved Scanning Vendors Program Guide version 3.1. These information leakage issues include one or more of the following : - Detaile...

Directory traversal

The 1 backup and restore scripts, 2 main initialization script, and 3 ldap-agent script in 389 Directory Server 1.2.x aka Red Hat Directory Server 8.2.x place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the...

Server: use of insecure LD_LIBRARY_PATH settings

The 1 backup and restore scripts, 2 main initialization script, and 3 ldap-agent script in 389 Directory Server 1.2.x aka Red Hat Directory Server 8.2.x place a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the...

Blackboard Transact database credentials disclosure

Overview The Blackboard Transact application contains two vulnerabilities that allow an unauthorized user to access the database credentials. Description The Blackboard Transact application previously know as Blackboard Commerce Suite comes with a utility called BbtsConnectionEdit.exe that is use...