Rsync 后置链接漏洞

Rsync is a fast and versatile file copying tool developed by RsyncProject. It is used for both remote and local files. Versions of Rsync 3.4.2 and earlier have a post-release vulnerability due to a symbolic link race condition in the path system call. Local attackers can redirect operations to...

Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2026-1215)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2017-18689

An issue was discovered on Samsung mobile devices with M6.0 and N7.0 Exynos5433, Exynos7420, or Exynos7870 chipsets software. An attacker can bypass a ko aka Kernel Module signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 January 2017...

CVE-2025-52881

CVE-2025-52881 affects runc (versions 1.2.7, 1.3.2, 1.4.0-rc.2). The issue lets an attacker redirect writes to /proc to other procfs files via a racing container with shared mounts (verified in Dockerfile-based parallel builds). This can enable container escape with high impact. Fixed in 1.2.8, 1...

EUVD-2021-13350

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2020-13677

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Under some circumstances, the Drupal core JSON:API module does not properly restrict access to certain content, which may result in unintended access bypass...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from mishandling of the anoninode security context could lead to LSM bypass...

Browser Use allows bypassing `allowed_domains` by putting a decoy domain in http auth username portion of a URL

Summary During a manual source code review, ARIMLABS.AI researchers identified that the browseruse module includes an embedded whitelist functionality to restrict URLs that can be visited. This restriction is enforced during agent initialization. However, it was discovered that these measures can...

Linux Distros Unpatched Vulnerability : CVE-2014-9645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The addprobe function in modutils/modprobe.c in BusyBox before 1.23.0 allows local users to bypass intended restrictions on loading kernel modules via a / slash...

USN-6474-1 xrdp vulnerabilities

It was discovered that xrdp incorrectly handled validation of client-supplied data, which could lead to out-of-bounds reads. An attacker could possibly use this issue to crash the program or extract sensitive information. CVE-2022-23479, CVE-2022-23481, CVE-2022-23483, CVE-2023-42822 It was...

Important: nodejs

Issue Overview: The use of Module.load can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. Please note that at the time this CVE was issued, the policy mechanism is an experimental feature of Node.js. Impacts: This vulnerability affects al...

CVE-2023-32002

The use of Module.load can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CV...

CVE-2023-32002

CVE-2023-32002 concerns Node.js where the policy mechanism (experimental) can be bypassed via Module._load() , allowing modules outside policy.json. The CVE affects all supported lines using the experimental policy (Node.js 16.x, 18.x, 20.x). Connected advisories confirm affected packages as Node...

[SECURITY] [DSA 2267-1] perl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2267-1 [email protected] http://www.debian.org/security/ Moritz Muehlenhoff July 01, 2011 http://www.debian.org/security/faq -...