7 matches found
CVE-2025-48934
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to versions 2.1.13 and 2.2.13, the Deno.env.toObject method ignores any variables listed in the --deny-env option of the deno run command. When looking at the documentation of the --deny-env option this might lead to a false...
[SECURITY] [DLA 4181-1] glibc security update
Debian LTS Advisory DLA-4181-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton May 27, 2025 https://wiki.debian.org/LTS Package : glibc Version : 2.31-13+deb11u13 CVE ID : CVE-2025-4802 A flaw was discovered in the dynamic linking support in the GNU C Library, the C...
CVE-2024-52060
Buffer Copy without Checking Size of Input 'Classic Buffer Overflow' vulnerability in RTI Connext Professional Routing Service, Recording Service, Queuing Service, Observability Collector Service, Cloud Discovery Service allows Buffer Overflow via Environment Variables.This issue affects Connext...
SUSE-SU-2022:4054-1 Security update for go1.19
This update for go1.19 fixes the following issues: Update to go 1.19.3 released 2022-11-01 bsc1200441: Security fixes: - CVE-2022-41716: Fixed unsanitized NUL in environment variables in syscalls, os/exec go56327 bsc1204941. Bugfixes: - runtime: lock count' fatal error when cgo is enabled go56308...
xpcd PhotoCD viewer buffer overflow
Buffer overflow in xpcd-svga on oversized HOME environment variable...
CVE-2001-0170
glibc 2.1.9x and earlier does not properly clear the RESOLVHOSTCONF, HOSTALIASES, or RESOPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files...
IRIX 5.25.36.x - TelnetD Environment Variable Format String
IRIX 5.25.36.x - TelnetD Environment Variable Format String // source: https://www.securityfocus.com/bid/1572/info A vulnerability exists in the telnet daemon shipped with Irix versions 6.2 through 6.5.8, and in patched versions of the telnet daemon in Irix 5.2 through 6.1, from Silicon Graphics...