14 matches found
EUVD-2020-22457
Malware in sbrugna...
EUVD-2010-3016
Malware in sbrugna...
EUVD-2022-41862
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2019-19378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c...
CVE-2022-21524
Vulnerability in the Oracle Solaris product of Oracle Systems component: Filesystem. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with network access via SMB to compromise Oracle Solaris. Successful attacks of this vulnerability can...
CVE-2025-0373
This CVE affects FreeBSD 64-bit systems via VOP_VPTOFH() in the cd9660, tarfs, and ext2fs filesystems when exporting via NFS. The destination FID buffer overflows by 4 bytes, causing a stack buffer overflow that can crash the NFS server (panics). Potential exploitation (e.g., bypassing file permi...
QEMU elevation of privilege vulnerability (CNVD-2023-61011)
QEMU is a suite of analog processor software from the French individual developer Fabrice Bellard. The software is fast and cross-platform. QEMU suffers from an elevation of privilege vulnerability, which stems from the 9p passthrough filesystem failing to discard the SUID/SGID bit when writing t...
SUSE CVE-2018-12931
ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem...
CVE-2022-29180 Charm vulnerable to server-side request forgery (SSRF)
A vulnerability in which attackers could forge HTTP requests to manipulate the charm data directory to access or delete anything on the server. This has been patched and is available in release v0.12.1. We recommend that all users running self-hosted charm instances update immediately. This...
CVE-2015-1334
attach.c in LXC 1.1.2 and earlier uses the proc filesystem in a container, which allows local container users to escape AppArmor or SELinux confinement by mounting a proc filesystem with a crafted (1) AppArmor profile or (2) SELinux label...
Linux VServer Project 1.2x - Chroot Breakout
source: https://www.securityfocus.com/bid/9596/info VServer is reported prone to a breakout vulnerability that allows a malicious user to escape from the context of the chrooted root directory of the virtual server. This issue is due to the VServer...
OpenVms 5.36.27.x - UCX POP Server Arbitrary File Modification
source: https://www.securityfocus.com/bid/5790/info An issue with the UCX POP (Post Office Protocol) server used by OpenVMS has been reported. It is possible for a malicious local user to overwrite arbitrary files on the filesystem by...
SGI IRIX 6.5.2 - 'nsd' Information Gathering
source: https://www.securityfocus.com/bid/412/info A vulnerability has been discovered in the nsd service, as included by SGI in Irix 6.5.x. The vulnerability allows remote users to access potentially sensitive pieces of information, including, but not limited to, NIS map information, shadow...
HP JetAdmin 1.0.9 Rev. D - symlink
source: https://www.securityfocus.com/bid/157/info A vulnerability exists in HP's JetAdmin Rev. D.01.09 software. Due to its failure to check if it is following a symbolic link, it is possible for an attacker to create a link from /tmp/jetadmin.log to anywhere o...