17 matches found
Mozilla Thunderbird < 137.0.2
The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 137.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2025-26 advisory. - When an email contains multiple attachments with external links via the...
Linux Distros Unpatched Vulnerability : CVE-2017-7500
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and...
Important: rsync
Issue Overview: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data...
Important: rsync
Issue Overview: A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length s2length to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data...
[slackware-security] rsync
New rsync packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/rsync-3.4.0-i586-1slack15.0.txz: Upgraded. This is a security release, fixing several important security vulnerabilities: Heap Buffer...
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : rsync vulnerabilities (USN-7206-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7206-1 advisory. Simon Scannell, Pedro Gallegos, and Jasiel Spelman discovered that rsync did not properly...
rsync -- Multiple security fixes
rsync reports: This update includes multiple security fixes: CVE-2024-12084: Heap Buffer Overflow in Checksum Parsing; CVE-2024-12085: Info Leak via uninitialized Stack contents defeats ASLR; CVE-2024-12086: Server leaks arbitrary client files; CVE-2024-12087: Server can make client write files...
USN-6940-2: snapd vulnerabilities
USN-6940-1 fixed vulnerabilities in snapd. This update provides the corresponding updates for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. Original advisory details: Neil McPhail discovered that snapd did not properly restrict writes to the /home/jslarraz/bin path in the AppArmor profile for snaps usin...
ROS-20241029-15
The vulnerability in the Podman OCI container management and launching software tool is related to symbolic link issues when running a malicious image using the automatically assigned user namespace --userns=auto. Exploitation of the vulnerability could allow an attacker to create...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a long warning message in the PCI component when dealing with link issues...
Troubleshooting Network or Link Issues on NetScaler SD-WAN
Troubleshooting NetScaler SD-WAN network or link issues...
MGASA-2017-0394 Updated rpm package fixes security vulnerabilities
It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory ...
GitLab: GFM renderer leaks external issue tracker URL of private project
Vulnerability details The GFM renderer has the ability to cross-link issues between projects. When this project is private and the user doesn't have access, the link isn't made. This is good. However, when the private project has an external issue tracker set up, an attacker can extract the...
Workflow permission to limit ability to link issues
We need to be able to limit the ability to link issues by the issue status. If we have two issues, and they are both closed, I do not want to be able to link them. If one or both are opened or in progress, I'd like to be able to create the link from the open issue. We are trying to use Jira for...
Sudo symbolic links problem
Unsafe temporary files access in sudo -u...
SuSE symbolic link problems
Symbolic link problems in /sbin/conf.d/SuSEconfig.susewm, /sbin/conf.d/SuSEconfig.javarunt...
Holes in Ghostscript
Symbolic link vulnerability when creating temporary files; in addition, the local directory is used when searching for dynamic libraries...