32 matches found
EUVD-2016-10789
Malware in sbrugna...
EUVD-2023-55069
Malicious code in bioql PyPI...
EUVD-2023-55070
Malicious code in bioql PyPI...
CVE-2016-15045
A local privilege escalation vulnerability exists in lastore-daemon, the system package manager daemon used in Deepin Linux developed by Wuhan Deepin Technology Co., Ltd.. In versions 0.9.53-1 Deepin 15.5 and 0.9.66-1 Deepin 15.7, the D-Bus configuration permits any user in the sudo group to invo...
CVE-2016-15045 Deepin lastore-daemon Privilege Escalation via Unsigned .deb Installation
A local privilege escalation vulnerability exists in lastore-daemon, the system package manager daemon used in Deepin Linux developed by Wuhan Deepin Technology Co., Ltd.. In versions 0.9.53-1 Deepin 15.5 and 0.9.66-1 Deepin 15.7, the D-Bus configuration permits any user in the sudo group to invo...
CVE-2016-15045 Deepin lastore-daemon Privilege Escalation via Unsigned .deb Installation
A local privilege escalation vulnerability exists in lastore-daemon, the system package manager daemon used in Deepin Linux developed by Wuhan Deepin Technology Co., Ltd.. In versions 0.9.53-1 Deepin 15.5 and 0.9.66-1 Deepin 15.7, the D-Bus configuration permits any user in the sudo group to invo...
CVE-2016-15045
Local privilege escalation in Deepin’s lastore-daemon (versions 0.9.53-1 to 0.9.66-1) arises from a D-Bus misconfiguration that allows users in the sudo group to invoke InstallPackage without password authentication. With shell access, an attacker can craft a .deb containing a malicious post-inst...
PT-2025-30582 · Deepin · Lastore-Daemon
Name of the Vulnerable Software and Affected Versions: lastore-daemon versions 0.9.53-1 through 0.9.66-1 Description: A local privilege escalation vulnerability exists in lastore-daemon, the system package manager daemon used in Deepin Linux. The D-Bus configuration permits any user in the sudo...
CVE-2023-50254
Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...
CVE-2023-50255
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
Path traversal
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
CVE-2023-50255 Zip Path Traversal in Deepin-Compressor
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
CVE-2023-50255
CVE-2023-50255 affects the Deepin-Compressor default archive manager in Deepin Linux. A path traversal flaw prior to 5.12.21 can be exploited to achieve Remote Command Execution when opening crafted archives. Remediation: upgrade to version 5.12.21 or later (as listed in OpenSUSE/OpenSUSE-SU advi...
CVE-2023-50255 Zip Path Traversal in Deepin-Compressor
Deepin-Compressor is the default archive manager of Deepin Linux OS. Prior to 5.12.21, there's a path traversal vulnerability in deepin-compressor that can be exploited to achieve Remote Command Execution on the target system upon opening crafted archives. Users are advised to update to version...
SUSE CVE-2023-50254
Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...
CVE-2023-50254
Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...
Design/Logic Flaw
Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...
CVE-2023-50254 Deepin Reader RCE vulnerability due to a design flaw
Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...
CVE-2023-50254 Deepin Reader RCE vulnerability due to a design flaw
Deepin Linux's default document reader deepin-reader software suffers from a serious vulnerability in versions prior to 6.0.7 due to a design flaw that leads to remote command execution via crafted docx document. This is a file overwrite vulnerability. Remote code execution RCE can be achieved by...
CVE-2023-50254
Summary : Deepin Linux’s default document reader, deepin-reader , is affected in versions prior to 6.0.7 due to a design flaw that allows remote command execution by processing crafted docx files. The vulnerability is a file overwrite issue; RCE can occur by overwriting files such as ~/.bashrc, ~...