EUVD-2006-6196

Malware in sbrugna...

EUVD-2007-0969

Malware in sbrugna...

CVE-2025-36244

IBM AIX 7.2, 7.3, IBM VIOS 3.1, and 4.1, when configured to use Kerberos network authentication, could allow a local user to write to files on the system with root privileges due to improper initialization of critical variables...

CVE-2025-36244

CVE-2025-36244 : IBM AIX/VIOS Kerberos vulnerability allowing a local user to write to arbitrary files with root privileges due to improper initialization of critical variables. Affected: AIX 7.2, 7.3; VIOS 3.1, 4.1; vulnerable fileset: krb5.client.rte (1.16.1.0–1.16.1.7). CVSS base score 7.4 (HI...

Add a tme lock to VoterProxy.sol setter function

Lines of code%20external%20%7B,%7D,-function%20deposit Vulnerability details Impact More trust for user functions that are set key/critical variables should be behind a timelock. Proof of Concept%20external%20%7B,%7D,-function%20deposit Tools Used Manuel review Recommended Mitigation Steps Add a...

Add a timelock to DiamondCutFacet

Lines of code Vulnerability details Impact To give more trust to users: functions that set key/critical variables should be put behind a timelock. Proof of Concept Tools Used Remix Recommended Mitigation Steps Add a timelock to setter functions of key/critical variables. --- The text was updated...

Phoenix Contact ILC PLC Authentication Vulnerabilities

OVERVIEW Matthias Niedermaier and Michael Kapfer of HSASec Hochschule Augsburg have identified authentication vulnerabilities in Phoenix Contact’s ILC inline controller PLCs. Phoenix Contact GmbH & Co. KG has produced a mitigation plan that includes an update and recommended security practices to...

CVE-2008-3655

Ruby 1.8.5 and earlier, 1.8.6 through 1.8.6-p286, 1.8.7 through 1.8.7-p71, and 1.9 through r18423 does not properly restrict access to critical variables and methods at various safe levels, which allows context-dependent attackers to bypass intended access restrictions via 1 untracevar, 2...

Design/Logic Flaw

The hack-local-variables function in Emacs before 22.2, when enable-local-variables is set to :safe, does not properly search lists of unsafe or risky variables, which might allow user-assisted attackers to bypass intended restrictions and modify critical program variables via a file containing a...

CVE-2007-2431

Dynamic variable evaluation vulnerability in shared/config/tceconfig.php in TCExam 4.0.011 and earlier allows remote attackers to conduct cross-site scripting XSS and possibly other attacks by modifying critical variables such as $SERVER, as demonstrated by injecting web script via the...

CVE-2005-1932

Lpanel 1.59 and earlier, and other versions before 1.597, allows remote authenticated users to modify certain critical variables and 1 modify DNS settings for arbitrary domains via the domain parameter to diagnose.php, 2 close, open, or respond to arbitrary support tickets via the close, open, or...