139 matches found
EUVD-2015-0871
Malware in sbrugna...
EUVD-2021-14828
Malware in sbrugna...
EUVD-2023-31371
Malicious code in bioql PyPI...
EUVD-2025-19670
Malicious code in bioql PyPI...
AZL-64641 CVE-2025-6297 affecting package dpkg 1.20.10-1
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...
DEBIAN-CVE-2025-6297
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...
UBUNTU-CVE-2025-6297
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...
CVE-2025-6297 dpkg-deb: Fix cleanup for control member with restricted directories
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...
CVE-2025-6297 dpkg-deb: Fix cleanup for control member with restricted directories
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...
CVE-2025-6297
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...
CVE-2025-6297 dpkg-deb: Fix cleanup for control member with restricted directories
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...
CVE-2025-6297
It was discovered that dpkg-deb does not properly sanitize directory permissions when extracting a control member into a temporary directory, which is documented as being a safe operation even on untrusted data. This may result in leaving temporary files behind on cleanup. Given automated and...
SUSE-SU-2024:4006-1 Security update for SUSE Manager Server 4.3
This update fixes the following issues: cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin bsc1231332 - Other bugs fixed: Increase start timeout for cobblerd unit bsc1219450 Provide syncsinglesystem for DHCP modules to improve performance bsc1219450...
Veeam Backup for Salesforce Built-In Updater Not Finding Updates
Challenge In Veeam Backup for Salesforce v1, the Updater displays no updates available despite the fact that newer versions are available. Cause The updater fails to identify new updates as being available because of an expired or incorrect GPG key used to verify package integrity. Without the...
Virtuozzo Hybrid Server 7.5 Update 7 (7.5.7-129)
Virtuozzo Hybrid Server 7.5 Update 7 introduces a way to convert system containers to virtual machines, support for Ubuntu 24.04 LTS, and bug fixes. Additionally, it provides a new kernel 3.10.0-1160.119.1.vz7.224.4. Vulnerability id: PSBM-159393 Memory corruption leading to a crash in nodes in...
nfpm has incorrect default permissions
Summary When building packages directly from source control, file permissions on the checked-in files are not maintained. Details When building packages directly from source control, file permissions on the checked-in files are not maintained. When nfpm packaged the files without extra config for...
ENTAB ERP 1.0 - Username PII leak Vulnerability
Exploit Title: ENTAB ERP 1.0 - Username PII leak Exploit Author: Deb Prasad Banerjee Vendor Homepage: https://www.entab.in Version: Entab ERP 1.0 Tested on: Windows IIS CVE: CVE-2022-30076 Vulnerability Name: Broken Access control via Rate Limits Description: In the entab software in...
The vulnerability of the eval() function in the debmany utility package of the Debian-goodies suite allows a hacker to execute arbitrary commands.
The vulnerability of the eval function in the debmany utility package of the Debian-goodies suite is related to the lack of measures taken to neutralize special elements used in operating system commands when processing .deb files. Exploiting this vulnerability allows an attacker to execute...
CVE-2023-27635
debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands because of an eval call via a crafted .deb file. The path is shown to the user before execution...
DEBIAN-CVE-2023-27635
debmany in debian-goodies 0.88.1 allows attackers to execute arbitrary shell commands because of an eval call via a crafted .deb file. The path is shown to the user before execution...