4 matches found
EUVD-2022-31211
Malicious code in bioql PyPI...
CLSA-2025-1758031199 httpd: Fix of 2 CVEs
CVE-2024-47252: escape user-supplied data in modssl to prevent untrusted SSL/TLS clients from inserting escape characters into log files - CVE-2025-49812: remove support for TLS upgrade to prevent HTTP desynchronisation attack...
Azure Linux 3.0 Security Update: sriov-network-device-plugin / vitess (CVE-2024-45339)
The version of sriov-network-device-plugin / vitess installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-45339 advisory. - When logs are written to a widely-writable directory the default, an...
GO-2025-3372 Vulnerability when creating log files in github.com/golang/glog
When logs are written to a widely-writable directory the default, an unprivileged attacker may predict a privileged process's log file path and pre-create a symbolic link to a sensitive file in its place. When that privileged process runs, it will follow the planted symlink and overwrite that...