171 matches found
RLSA-2026:22937 Important: image-builder security update
A local binary for building customized OS artifacts such as VM images and OSTree commits. Uses osbuild under the hood. Security Fixes: golang: net/url: Memory exhaustion in query parameter parsing in net/url CVE-2025-61726 crypto/tls: Unexpected session resumption in crypto/tls CVE-2025-68121...
golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root
A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...
Barracuda RMM 安全漏洞
Barracuda RMM is a remote monitoring and management platform developed by the American company Barracuda. Versions of Barracuda RMM prior to 2025.2.2 contained security vulnerabilities. These vulnerabilities stemmed from excessive permissions in the file system access control list, which could...
Important: nodejs20
Issue Overview: Bypass File System Permissions using crafted symlinks CVE-2025-55130 A flaw in Node.js's buffer allocation logic can expose uninitialized memory when allocations are interrupted, when using the vm module with the timeout option. Under specific timing conditions, buffers allocated...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001070)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001070 advisory. nfsd in the Linux kernel through 4.6.3 allows local users to bypass intended file-permission restrictions by setting a POSIX ACL, related to nfs2acl.c, nfs3acl.c, an...
Directory Traversal
Overview @react-router/node is a Node.js platform abstractions for React Router Affected versions of this package are vulnerable to Directory Traversal via the createFileSessionStorage function. An attacker can access or modify files outside the intended session file directory by crafting a...
CVE-2025-34323
Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The 'www-data' user is a member of the 'nagios' group, which has write access to...
EUVD-2020-29579
Malware in sbrugna...
EUVD-2020-5787
Malware in sbrugna...
EUVD-2020-5789
Malware in sbrugna...
EUVD-2020-3289
Malware in sbrugna...
EUVD-2002-1496
Malware in sbrugna...
EUVD-2019-10157
Malware in sbrugna...
EUVD-2020-5784
Malware in sbrugna...
EUVD-2020-5801
Malware in sbrugna...
EUVD-2020-5788
Malware in sbrugna...
EUVD-2018-1260
Malware in sbrugna...
EUVD-2020-5783
Malware in sbrugna...
EUVD-2020-5796
Malware in sbrugna...
EUVD-2018-15835
Malware in sbrugna...