16 matches found
EUVD-2001-1477
Malware in sbrugna...
EUVD-2024-0182
Malicious code in bioql PyPI...
CVE-2024-32645
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when rawlog builtin is called with memory or storage arguments to be used as topics. A contract search was performed and no vulnerable contracts were found in...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a condition that is not properly checked, which could lead to incorrect logging...
CVE-2024-32645 vyper performs incorrect topic logging in raw_log
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when rawlog builtin is called with memory or storage arguments to be used as topics. A contract search was performed and no vulnerable contracts were found in...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2020-1279)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP2 : sudo (EulerOS-SA-2019-2414)
According to the version of the sudo package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cau...
Exploit for Improper Handling of Exceptional Conditions in Sudo_Project Sudo
Sudo-Security-Bypass-CVE-2019-14287 ==========================...
CVE-2019-14287
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "su...
CVE-2019-14287
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "su...
CVE-2019-14287
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a “su...
CVE-2019-14287
In Sudo before 1.8.28, an attacker with access to a Runas ALL sudoer account can bypass certain policy blacklists and session PAM modules, and can cause incorrect logging, by invoking sudo with a crafted user ID. For example, this allows bypass of !root configuration, and USER= logging, for a "su...
CVE-2008-6519
Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions, allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via format string specifiers in a Long Running Web Process LRWP request, which triggers incorrect...
Format string
Multiple format string vulnerabilities in the SSI filter in Xitami Web Server 2.5c2, and possibly other versions, allow remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via format string specifiers in a URI that ends in 1 .ssi, 2 .shtm, or 3 .shtml,...
Format string
Format string vulnerability in Xitami Web Server 2.2a through 2.5c2, and possibly other versions, allows remote attackers to cause a denial of service daemon crash and possibly execute arbitrary code via format string specifiers in a Long Running Web Process LRWP request, which triggers incorrect...
CVE-2001-1500
ProFTPD 1.2.2rc2 (and possibly other versions) is affected by a DNS validation issue where reverse-resolved hostnames are not properly verified via forward resolution. This can allow remote attackers to bypass access control lists or log an incorrect client hostname. The available connected docum...