glib2: Fix of 2 CVEs

CVE-2019-12450: fix insecure file permissions during copy operations - CVE-2019-13012: fix insecure directory and file permissions in keyfile settings backend...

CLSA-2026-1776346717 glib2: Fix of 2 CVEs

CVE-2019-12450: fix insecure file permissions during copy operations - CVE-2019-13012: fix insecure directory and file permissions in keyfile settings backend...

CLSA-2026-1776347560 glib2: Fix of 2 CVEs

CVE-2019-12450: fix insecure file permissions during copy operations - CVE-2019-13012: fix insecure directory and file permissions in keyfile settings backend...

JLSEC-2025-154 The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_f...

The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...

EUVD-2015-1552

Malware in sbrugna...

EUVD-2001-1060

Malware in sbrugna...

EUVD-2019-4703

Malware in sbrugna...

EUVD-2019-4585

Malware in sbrugna...

EUVD-2022-40324

Malicious code in bioql PyPI...

CVE-2025-34234

Summary: CVE-2025-34234 affects Vasion Print (formerly PrinterLogic) Virtual Appliance Host prior to 25.1.102 and Application prior to 25.1.1413. Two hardcoded private keys are shipped inside application containers (printerlogic/pi, printerlogic/printer-admin-api, printercloud/pi) and stored in p...

Linux Distros Unpatched Vulnerability : CVE-2019-13179

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable...

Linux Distros Unpatched Vulnerability : CVE-2019-13178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and...

CVE-2022-37710

Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: 1 keybackup.data License Encryption Key or 2 Eaglesoft.Server.Configuration.data DbEncryptKeyPrimary Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or...

Calamares Branding and Modules for NixOS 安全漏洞

Calamares Branding and Modules for NixOS is an open source module for NixOS. A security vulnerability exists in Calamares Branding and Modules for NixOS prior to version 0.3.17, which stems from a manual disk partition creation setting in the graphical installer, where the LUKS disk encryption ke...

CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...

CVE-2024-43378 calamares-nixos-extensions LUKS keyfile exposure regression on legacy BIOS systems

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users who installed NixOS through the graphical installer who used manual disk partitioning to create a setup where the system was booted via legacy BIOS rather than UEFI; some disk partitio...

PT-2024-30540 · Unknown · Calamares-Nixos-Extensions

Name of the Vulnerable Software and Affected Versions: calamares-nixos-extensions versions prior to 0.3.17 Description: The issue affects users who installed NixOS through the graphical installer using manual disk partitioning, where the system boots via legacy BIOS, some disk partitions are...

FreeBSD : FreeBSD -- GELI silently omits the keyfile if read from stdin (3fcab88b-47bc-11ee-8e38-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 3fcab88b-47bc-11ee-8e38-002590c1f29c advisory. - When GELI reads a key file from standard input, it does not reuse the key file to initialize multiple...

CVE-2023-36476 `calamares-nixos-extensions` LUKS keyfile exposure

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...

CVE-2023-36476 `calamares-nixos-extensions` LUKS keyfile exposure

calamares-nixos-extensions provides Calamares branding and modules for NixOS, a distribution of GNU/Linux. Users of calamares-nixos-extensions version 0.3.12 and prior who installed NixOS through the graphical calamares installer, with an unencrypted /boot, on either non-UEFI systems or with a LU...