34 matches found
EUVD-2021-14589
Malware in sbrugna...
EUVD-2025-29155
Malicious code in bioql PyPI...
CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
Linux Distros Unpatched Vulnerability : CVE-2025-59378
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the...
SUSE CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
DEBIAN-CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
UBUNTU-CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
CVE-2025-59378
The CVE-2025-59378 entry concerns guix-daemon in GNU Guix prior to commit 1618ca7. A content-addressed-mirrors file can be written to create a setuid program, allowing a regular user to gain the privileges of the build user that runs it (even after the build ends). Impact is local privilege escal...
CVE-2025-59378
In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...
Linux Distros Unpatched Vulnerability : CVE-2021-27851
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A security vulnerability that can lead to local privilege escalation has been found in 'guix-daemon'. It affects multi-user setups in which 'guix-daemon' runs...
Linux Distros Unpatched Vulnerability : CVE-2024-52867
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for...
PT-2025-37452
Name of the Vulnerable Software and Affected Versions: GNU Guix versions prior to 1618ca7 Description: A content-addressed-mirrors file can be written to create a setuid program. This allows a regular user to gain the privileges of the build user, even after the build process has completed...
SUSE CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...
CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...
CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...
CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...
DEBIAN-CVE-2024-52867
guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...