7 matches found
Directory Traversal
Overview: Affected versions of this package are vulnerable to Directory Traversal via the wheel installation process. An attacker can overwrite arbitrary files within the installing user's permissions by convincing a user to install a specially crafted Python wheel containing malicious entry-point...
MAL-2026-2271 Malicious code in metamask-api (PyPI)
Source: kam193 d741c998a924aa720c19f13cbb622ebb5862abde8765dac7f8bb2cf1b219c3dc Clones of legitimate libraries with malicious modifications intended to download malicious remote code. The remote script allows executing arbitrary files...
UBUNTU-CVE-2021-21372
Nimble is a package manager for the Nim programming language. In Nim releases before versions 1.2.10 and 1.4.4, Nimble doCmd is used in different places and can be leveraged to execute arbitrary commands. An attacker can craft a malicious entry in the packages.json package list to trigger...
Linux kernel KVM virtualization subsystem elevation of privilege vulnerability
The Linux kernel is the kernel used by Linux, the operating system released by the Linux Foundation in the U.S. KVM (Kernel-based Virtual Machine) is one of its virtualization subsystems. A security vulnerability exists in the KVM virtualization subsystem of the Linux...
Solaris Recommended Patch Cluster 619 (x86) - Local Privilege Escalation
Solaris Recommended Patch Cluster 6/19 local root on x86. Larry W. Cashdollar, 7/3/2013, @larry0. If the system administrator is updating the system using update manager or smpatch multi user mode, a local user could execute...
Oracle Outside In Paradox Database Stream Filter Denial of Service (CVE-2013-0393)
A denial of service vulnerability has been reported in Oracle Outside In, a set of libraries used to decode many file formats. The vulnerability is due to an error while processing Paradox databases that contain a malicious entry in a field description array. A remote attacker could trigger this...
GNU findutils 4.04.1 - Locate Arbitrary Command Execution
Source: https://www.securityfocus.com/bid/3127/info GNU locate is an application that searches file databases for file names that match user-supplied patterns. A boundary condition error can occur when the program reads database files...