10 matches found
CVE-2026-2946
CVE-2026-2946 affects rymcu forest up to version 0.0.5. The vulnerability is in the function XssUtils.replaceHtmlCode (src/main/java/com/rymcu/forest/util/XssUtils.java) of the Article Content/Comments/Portfolio component, enabling cross-site scripting. The issue enables remote exploitation and t...
EUVD-2018-3776
Malware in sbrugna...
CVE-2024-36050
Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request...
PT-2024-26864 · Nix +1
Name of the Vulnerable Software and Affected Versions: Nix versions prior to 2.22.1. Description: The issue makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request. This is due to the mishandli...
Privilege Escalation
Jenkins is vulnerable to privilege escalation. The vulnerability exists due to a lack of limiting the agent read/write access to the libs/ directory inside build directories when using the FilePath APIs, allowing attackers in control of agent processes to replace the code of a trusted library wit...
CVE-2021-21696
Jenkins 2.318 and earlier, LTS 2.303.2 and earlier does not limit agent read/write access to the libs/ directory inside build directories when using the FilePath APIs, allowing attackers in control of agent processes to replace the code of a trusted library with a modified variant. This results i...
Apache OpenWhisk Remote Code Execution Vulnerability
Apache OpenWhisk is an open source FaaS cloud platform from the Apache Software Foundation in the U.S. PHP Runtime for Apache OpenWhisk is its PHP-based version. A security vulnerability exists in PHP Runtime for Apache OpenWhisk. The vulnerability can be exploited to replace the source code of a...
DedeCms v5.6-5.7 serious security vulnerability exposed: log in to the backend directly without an account and password - bug warning - the black bar safety net
As is well known, because it is simple to use and has a large customer base, DedeCMS ("weaving dreams" CMS) has had many vulnerabilities exposed. Today the editor received, in a group, a reliable message from a moderator of the official DedeCMS forum: “DEDECMS serious security vulnerability exposed, the recent official...
CVE-2003-0359
nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code...
tcpwrapper-backdoor.txt
Date: Thu, 21 Jan 1999 11:38:17 -0500 From: Wietse Venema To: [email protected] Subject: backdoored tcp wrapper source code TCP Wrappers is a widely-used security tool to protect UNIX systems against intrusion. It has an estimated installed base of millions. Today someone replaced the tcp...