7 matches found
EUVD-2023-58208
Malicious code in bioql PyPI...
CVE-2024-38531 Nix sandbox escape
Nix is a package manager for Linux and other Unix systems that makes package management reliable and reproducible. A build process has access to and can change the permissions of the build directory. After creating a setuid binary in a globally accessible location, a malicious local user can assu...
CVE-2023-5936
On Unix systems (Linux, MacOS), Arc uses a temporary file with unsafe privileges. By tampering with such a file, a malicious local user in the system may be able to trigger arbitrary code execution with root privileges...
CVE-2019-3763
The RSA Identity Governance and Lifecycle software and RSA Via Lifecycle and Governance products prior to 7.1.0 P08 contain an information exposure vulnerability. The Office 365 user password may get logged in a plain text format in the Office 365 connector debug log file. An authenticated...
DSA-3161-1 dbus - security update
Bulletin has no description...
dbus: denial of service
Systemd sends back an ActivationFailure D-Bus signal if the activation fails. However, when it receives these signals, dbus-daemon does not verify that the signal actually came from systemd. A malicious local user could send repeated ActivationFailure signals in the hope that it would "win the...
mozilla -- insecure temporary directory vulnerability
A Mozilla Foundation Security Advisory reports: A predictable name is used for the plugin temporary directory. A malicious local user could symlink this to the victim's home directory and wait for the victim to run Firefox. When Firefox shuts down, the victim's directory would be erased...