Lucene search
K

4 matches found

RedHat Linux
RedHat Linux
added 2026/03/26 1:47 p.m.5 views

cmd/go: cmd/go: Arbitrary file write via malicious pkg-config directive

A flaw was found in cmd/go. An attacker can exploit this by building a malicious Go source file that uses the 'cgo pkg-config:' directive. This allows the attacker to write to an arbitrary file with partial control over its content, by providing a '--log-file' argument to the pkg-config command...

8.6CVSS7.2AI score0.00532EPSS
Exploits0References8
OSV
OSV
added 2026/01/28 8:16 p.m.7 views

AZL-78935 CVE-2025-61731 affecting package golang 1.25.7-1

Building a malicious file with cmd/go can cause can cause a write to an attacker-controlled file with partial control of the file content. The "cgo pkg-config:" directive in a Go source file provides command-line arguments to provide to the Go pkg-config command. An attacker can provide a...

8.6CVSS5.7AI score0.00532EPSS
Exploits0References1
NVD
NVD
added 2007/12/04 1:46 a.m.20 views

CVE-2007-6211

Send ICMP Nasty Garbage sing on Debian GNU/Linux allows local users to append to arbitrary files and gain privileges via the -L output log file option. NOTE: this issue is only a vulnerability in limited environments, since sing is not installed setuid, and the administrator would need to overrid...

7.2CVSS6.5AI score0.00889EPSS
Exploits1References6
NVD
NVD
added 2004/12/31 5:0 a.m.19 views

CVE-2004-2070

The Altiris Client Service for Windows 5.6 SP1 Hotfix E 5.6.181 allows local users to execute arbitrary commands by opening the AClient tray icon and using the View Log File option, a different vulnerability than CVE-2005-1590...

7.2CVSS7.2AI score0.00454EPSS
Exploits0References1
Rows per page
Query Builder