7 matches found
openSUSE 16 Security Update : libcap (openSUSE-SU-2026:20613-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:20613-1 advisory. - CVE-2026-4878: local privilege escalation through file capability injection due to TOCTOU race condition in capsetfile bsc1261809. Tenable has extract...
SUSE-SU-2026:21274-1 Security update for libcap
This update for libcap fixes the following issues: - CVE-2026-4878: local privilege escalation through file capability injection due to TOCTOU race condition in capsetfile bsc1261809...
OESA-2024-1737 kernel security update
The Linux Kernel, the operating system core itself. Security Fixes: In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and Linux's afs client...
CVE-2023-0340
The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allow them to read non PHP files and retrieve their content. R...
CVE-2023-0340 Custom Content Shortcode <= 4.0.2 - Contributor+ LFI
The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allow them to read non PHP files and retrieve their content. R...
CVE-2023-0080
The Customer Reviews for WooCommerce WordPress plugin before 5.16.0 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allow them to read non PHP files and retrieve their...
UBUNTU-CVE-2012-2123
The capbprmsetcreds function in security/commoncap.c in the Linux kernel before 3.3.3 does not properly handle the use of file system capabilities aka fcaps for implementing a privileged executable file, which allows local users to bypass intended personality restrictions via a crafted applicatio...