10 matches found
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: tracing: Fix null pointer dereference in tracing_err_log_open Fix an issue in function 'tracing_err_log_open'. The function doesn't call 'seq_open' if the file is opened only with write permissions, which results in 'file->private_data'...
GHSA-Q433-J342-RP9H Pimcore ENV Variables and Cookie Informations are exposed in http_error_log
Summary The http_error_log file stores the $_COOKIE and $_SERVER variables, which means sensitive information such as database passwords, cookie session data, and other details can be accessed or recovered through the Pimcore backend. Details It’s better to remove both lines, as this information make...
RHEL 6 / 7 : rh-mariadb101-mariadb and rh-mariadb101-galera (RHSA-2018:0574)
The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0574 advisory. MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. The...
CVE-2020-17449
PHP-Fusion 9.03 allows XSS via the error_log file...
cPanel Authorization Issues Vulnerability (CNVD-2019-36124)
cPanel is a Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. An authorization issue vulnerability exists in cPanel. An attacker can exploit this vulnerability to create the cpdavderrorlog fi...
Improper Access Control
Oracle MySQL is vulnerable to improper access control. MySQL init script mishandles initialization of the database data directory and permission setting on the error log file allowing local attackers to escalate their privileges to root or cause a system crash...
mysql: unsafe chmod/chown use in init script (CPU Jan 2017)
Multiple flaws were found in the way the MySQL init script handled initialization of the database data directory and permission setting on the error log file. The mysql operating system user could use these flaws to escalate their privileges to root...
Updated mariadb packages fix security vulnerability
Root Privilege Escalation CVE-2016-6664. Unspecified vulnerability affecting the Optimizer component CVE-2017-3238. Unspecified vulnerability affecting the Charsets component CVE-2017-3243. Unspecified vulnerability affecting the DML component CVE-2017-3244. Unspecified vulnerability affecting...
CVE-2016-6664
A flaw was found in the way the mysqld_safe script handled creation of error log file. The mysql operating system user could use this flaw to escalate their privileges to root...
PowerCHM 5.7 (hhp File) Stack Overflow poC
Exploit for unknown platform in category dos / poc ========================================== PowerCHM 5.7 hhp File Stack Overflow poC ========================================== exploit.py PowerCHM 5.7 hhp file Stack overflow PoC By:Encrypt3d.M!nd Orginally Discovered by: Biks Security...