6 matches found
CVE-2026-54328
Pi is a minimal terminal coding harness. From 0.74.0 until 0.78.1, Pi versions with temporary npm or git extension package installs used predictable paths under the operating system temporary directory. On Linux-based multi-user systems, a local attacker who can write to the shared temporary...
MiracleLinux 8 : grub2-2.02-156.el8.ML.1 (AXSA:2024-8448:04)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8448:04 advisory. grub2: grub2-set-bootflag can be abused by local pseudo-users CVE-2024-1048 grub2: Out-of-bounds write at fs/ntfs.c may lead to unsigned code...
CVE-2021-45335
Sandbox component in Avast Antivirus prior to 20.4 has an insecure permission which could be abused by local user to control the outcome of scans, and therefore evade detection or delete arbitrary system files...
DEBIAN-CVE-2021-35938
A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system...
CVE-2021-45335
CVE-2021-45335 affects Avast Antivirus: the sandbox component prior to version 20.4 has an insecure permission, enabling a local user to influence scan outcomes and potentially evade detection or delete arbitrary system files. Affected product is Avast Antivirus (sandbox module); root cause is an...
kernel: ptrace: Crash on PTRACE_{ATTACH,DETACH} race
Race condition in the ptrace and utrace support in the Linux kernel 2.6.9 through 2.6.25, as used in Red Hat Enterprise Linux RHEL 4, allows local users to cause a denial of service oops via a long series of PTRACEATTACH ptrace calls to another user's process that trigger a conflict between...