9 matches found
Duplicate Advisory: OpenClaw: Exec environment denylist missed high-risk interpreter startup variables
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-vfp4-8x56-j7c5. This link is maintained to preserve external references. Original Description: OpenClaw before 2026.4.10 contains an insufficient environment variable denylist vulnerability in its exec environmen...
CVE-2023-6154
A configuration setting issue in seccenter.exe as used in Bitdefender Total Security, Bitdefender Internet Security, Bitdefender Antivirus Plus, Bitdefender Antivirus Free allows an attacker to change the product's expected behavior and potentially load a third-party library upon execution. This...
CentOS 9 : libarchive-3.5.3-4.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libarchive-3.5.3-4.el9 build changelog. - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the...
EulerOS 2.0 SP5 : libarchive (EulerOS-SA-2023-2154)
According to the versions of the libarchive package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In libarchive before 3.6.2, the software does not check for an error after calling calloc function that can return with a NULL pointer if the...
Apache Linkis subject to Remote Code Execution via deserialization
In Apache Linkis =1.2.0 when used with the MySQL Connector/J, a deserialization vulnerability with possible remote code execution impact exists when an attacker has write access to a database and configures a JDBC EC with a MySQL data source and malicious parameters. Therefore, the parameters in...
GLSA-201206-14 : Adobe Reader: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201206-14 (Adobe Reader: Multiple vulnerabilities). Multiple vulnerabilities have been found in Adobe Reader, including an integer overflow in TrueType Font handling (CVE-2012-0774) and multiple unspecified errors which could cause...
CVE-2010-0412
stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273...
antivir.txt
NOTE: Already posted to vuln-dev. Because I'm not receiving comments, I believe that this one is real. Dear list, please inspect the following, your input is welcome. Vendors Microsoft and an unspecified AV company were contacted two months ago; I'm not satisfied with their response and here is the...
CVE-2003-0831
ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files...