8 matches found
EUVD-2022-42354
Malicious code in bioql PyPI...
CVE-2025-3722
A path traversal vulnerability in System Information Reporter SIR 1.0.3 and prior allowed an authenticated high privileged user to issue malicious ePO post requests to System Information Reporter, leading to creation of files anywhere on the filesystem and possibly overwriting existing files and...
UBUNTU-CVE-2021-32841
SharpZipLib or ziplib is a Zip, GZip, Tar and BZip2 library. Starting version 1.3.0 and prior to version 1.3.3, a check was added if the destination file is under destination directory. However, it is not enforced that destDir ends with slash. If the destDir is not slash terminated like...
FreeBSD : gitolite -- path traversal vulnerability (f94befcd-1289-11e2-a25e-525400272390)
Sitaram Chamarty reports : I'm sorry to say there is a potential path traversal vulnerability in v3. Thanks to Stephane Chazelas for finding it and alerting me. Can it affect you? This can only affect you if you are using wild card repos, and at least one of your patterns allows the string '../' ...
GLSA-200407-01 : Esearch: Insecure temp file handling
The remote host is affected by the vulnerability described in GLSA-200407-01 Esearch: Insecure temp file handling The eupdatedb utility uses a temporary file /tmp/esearchdb.py.tmp to indicate that the eupdatedb process is running. When run, eupdatedb checks to see if this file exists, but it does...
[ GLSA 200407-01 ] Esearch: Insecure temp file handling
Gentoo Linux Security Advisory GLSA 200407-01 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
Esearch: Insecure temp file handling
Background Esearch is a replacement for the Portage command "emerge search". It uses an index to speed up searching of the Portage tree. Description The eupdatedb utility uses a temporary file /tmp/esearchdb.py.tmp to indicate that the eupdatedb process is running. When run, eupdatedb checks to s...
lynx.2.8.2.extern.txt
-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: lynx-2.8.2 and older Date: Thu Sep 16 21:29:15 CEST 1999 Affected: all Linux distributions using lynx-2.8.2 and older A security hole was discovered in the package mentioned above. Please update as soon as possible or disable...