EUVD-2022-46453

Malicious code in bioql PyPI...

SUSE-SU-2025:02333-1 Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP7 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: - CVE-2023-52888: media: mediatek: vcodec: Only free buffer VA that is not NULL bsc1228557. - CVE-2024-49568: net/smc: check v2extoffset/eidcnt/ismgidcnt when...

Empc: Effective Path Prioritization for Symbolic Execution with Path Cover

Symbolic execution is a powerful program analysis technique that can formally reason the correctness of program behaviors and detect software bugs. It can systematically explore the execution paths of the tested program. But it suffers from an inherent limitation: path explosion. Path explosion...

CVE-2024-53122 mptcp: cope racing subflow creation in mptcp_rcv_space_adjust

In the Linux kernel, the following vulnerability has been resolved: mptcp: cope racing subflow creation in mptcprcvspaceadjust Additional active subflows - i.e. created by the in kernel path manager - are included into the subflow list before starting the 3whs. A racing recvmsg spooling data...

QNAP QTS Multiple Vulnerabilities (QSA-24-14)

QNAP QTS is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts"; ifdescription...

QNAP QuTS hero Multiple Vulnerabilities (QSA-24-14)

QNAP QuTS hero is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qutshero"; ifdescriptio...

F5 Networks BIG-IP : BIG-IP TMM vulnerability (K91026261)

The version of F5 Networks BIG-IP installed on the remote host is prior to 11.6.3.3 / 12.1.4 / 13.1.1.2 / 14.0.0.3 / 14.1.0. It is, therefore, affected by a vulnerability as referenced in the K91026261 advisory. - On BIG-IP 11.5.1-11.6.3.2, 12.1.3.4-12.1.3.7, 13.0.0 HF1-13.1.1.1, and...

ManageEngine NetFlow Analyzer Multiple Path Traversal and File Access

ManageEngine NetFlow Analyzer prior to version 10 build 10250 is affected by the following directory traversal vulnerabilities : - User input to the 'schFilePath' parameter to CVSServlet or CReportPDFServlet is not properly sanitized. A remote attacker, using a specially crafted request, can...

PHPay 2.2 - Multiple Path Disclosure Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/7309/info phPay has been reported prone to multiple path disclosure vulnerabilities. It has been reported that when specially crafted requests are made for many phPay pages and include files, an error condition may be...

QNAP Turbo NAS Multiple Path Injection

Vulnerability: Multiple Path Injection Product: QNAP Turbo NAS Vendor: QNAP Version affected: = 3.7.3 build 20120801 Status: Unpatched Website: http://web.qnap.com/prodetailfeature.asp?pid=202 Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it This...

Adobe ColdFusion Multiple Path Disclosure Vulnerabilities

The host is running Adobe ColdFusion and is prone to multiple path disclosure vulnerabilities. OpenVAS Vulnerability Test $Id: secpodadobecoldfusionmultiplepathdiscvuln.nasl 7029 2017-08-31 11:51:40Z teissa $ Adobe ColdFusion Multiple Path Disclosure Vulnerabilities Authors: Sooraj KS Copyright:...

sudo: insufficient environment sanitization issue

The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable...

CVE-2010-1646

The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not properly handle an environment that contains multiple PATH variables, which might allow local users to gain privileges via a crafted value of the last PATH variable...

myEvent version 1.6 Multiple Path Disclosure Vulnerabilities

netVigilance Security Advisory 24 myEvent version 1.6 Multiple Path Disclosure Vulnerabilities Description: myEvent is Dynamic Calendar based Events Management system with admin panel for adding events, edit and delete built using PHP & mySQL. Display today's event and future events links on the...