CVE-2023-37658

fast-poster v2.15.0 is vulnerable to Cross Site Scripting XSS. File upload check binary of img, but without strictly check file suffix at /server/fast.py - ApiUploadHandler.post causes stored XSS...

Acronis: Acronis True Image Local Privilege Escalation Due To Race Condition In Application Verification

Summary The Acronis True Image application has a SUID binary "Acronis True Image" that starts another binary "console" in the same directory. The SUID binary does some checks on "console" before it is run to make sure the correct binary is being run. By using a hardlink to the SUID binary we can...