EUVD-2026-32648

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data...

CVE-2026-48066

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, src/log.c contains a process-wide static pointer that is written on every PAM invocation with the address of a stack-local variable. This violates the PAM re-entrancy requirement and creates a data...

EUVD-2018-8178

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2019-18932

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - log.c in Squid Analysis Report Generator sarg through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As th...

CVE-2021-47145

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUGON in linktofixupdir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 1 SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ 305...

CVE-2021-47145

CVE-2021-47145 affects the Linux kernel (btrfs) where a BUG_ON in link_to_fixup_dir can trigger a kernel panic during error paths in log recovery. The description shows a replay/recover flow (replay_one_buffer, btrfs_recover_log_trees, open_ctree) panicking with an invalid opcode in fs/btrfs/tree...

CVE-2021-47145

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUGON in linktofixupdir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862! invalid opcode: 0000 1 SMP NOPTI CPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ 305...

DEBIAN-CVE-2019-18932

log.c in Squid Analysis Report Generator sarg through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and...

UBUNTU-CVE-2019-18932

log.c in Squid Analysis Report Generator sarg through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and...

CVE-2019-18932

log.c in Squid Analysis Report Generator sarg through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and...

CVE-2018-16328

In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c...

CVE-2018-16328

In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c...

Null pointer dereference

In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c...

CVE-2018-16328

In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c...

Null pointer dereference

The formatline function in log.c in libavutil in FFmpeg before 1.2.1 uses inapplicable offset data during a certain category calculation, which allows remote attackers to cause a denial of service invalid pointer dereference and application crash via crafted data that triggers a log message...

CVE-2013-3671

CVE-2013-3671 is a FFmpeg vulnerability in which the format_line function in log.c (libavutil) uses inapplicable offset data during a category calculation, enabling a remote attacker to trigger a denial of service via crafted data that triggers a log message. The connected advisories (MGASA-2013-...

CVE-2011-0017

The openlog function in log.c in Exim 4.72 and earlier does not check the return value from 1 setuid or 2 setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack...

CVE-2011-0017

The openlog function in log.c in Exim 4.72 and earlier does not check the return value from 1 setuid or 2 setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack...

CVE-2011-0017

Exim has a local-privilege-attack vulnerability (CVE-2011-0017) in open_log() for Exim 4.72 and earlier, where return values from setuid/setgid are not checked, enabling a local user to append log data to arbitrary files via a symlink attack. Public advisories and patch notes indicate this was ad...

CVE-2011-0017

The openlog function in log.c in Exim 4.72 and earlier does not check the return value from 1 setuid or 2 setgid system calls, which allows local users to append log data to arbitrary files via a symlink attack...