6 matches found
EUVD-2019-6457
Malware in sbrugna...
EUVD-2025-18408
Malicious code in bioql PyPI...
UNIX Symbolic Link (Symlink) Following
Overview. Impact: Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution. @npmcli/arborist, the library that calculates dependency trees and manages the node_modules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be...
MGASA-2020-0365 Updated postgresql packages fix security vulnerabilities
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the...
SNAP Innovation's PrimeBase Database 4.2 poor default file permissions.
SNAP Innovation's PrimeBase Database 4.2 poor default file permissions and use of symlinks during install. September 1, 2003. I. BACKGROUND. From the readme.txt file: "The PrimeBase Database Server is a relational Database Management System (DBMS) for Mac, UNIX and Windows platforms. The PrimeBase...
majordomo.1.94.4.txt
Hi, I found something to discuss, this time involving majordomo. This was tested on a Slackware linux 8.0 kernel 2.4.8; majordomo version 1.94.4, I also tested the other versions and all default installs had the same problem, note that the versions 1.94.1 and 1.94.2 should NOT be used anymore, tho...