14 matches found

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2024-43160

Malicious code in bioql PyPI...

CVSS 7.8, AI score 8, EPSS 0.06607
Exploits 2, References 3

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2022-52519

Malicious code in bioql PyPI...

CVSS 7.8, AI score 7.5, EPSS 0.00405
Exploits 2, References 8

Tenable Nessus
added 2025/08/18 12:0 a.m., 5 views

Linux Distros Unpatched Vulnerability : CVE-2022-30688

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored,...

CVSS 7.8, AI score 7.2, EPSS 0.00405
Exploits 2, References 2

Tenable Nessus
added 2024/12/05 12:0 a.m., 3 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 : needrestart regression (USN-7117-3)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 24.10 host has a package installed that is affected by a vulnerability as referenced in the USN-7117-3 advisory. USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This...

AI score 5.6
Exploits 0, References 1

SUSE CVE
added 2024/11/22 4:5 a.m., 2 views

SUSE CVE-2024-11003

Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library Modules::ScanDeps which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps...

CVSS 7.8, AI score 7.2, EPSS 0.11542
Exploits 2, References 3

BDU FSTEC
added 2024/11/22 12:0 a.m., 2 views

The vulnerability of the needrestart utility, related to the uncontrolled element in the search process, allows a hacker to execute arbitrary code in the context of the root user.

The vulnerability of the needrestart utility is related to an uncontrolled element in the search process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the root user, when processing the RUBYLIB variable...

CVSS 7.8, AI score 8, EPSS 0.06607
Exploits 2, References 6, Affected Software 4

BDU FSTEC
added 2024/11/22 12:0 a.m., 2 views

The vulnerability of the needrestart utility, related to the uncontrolled element in the search process, allows a hacker to execute arbitrary code in the context of the root user.

The vulnerability of the needrestart utility is related to an uncontrolled element in the search process. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the root user by manipulating the PYTHONPATH variable during Python initialization...

CVSS 7.8, AI score 8.1, EPSS 0.19924
Exploits 15, References 7, Affected Software 4

BDU FSTEC
added 2024/11/22 12:0 a.m., 3 views

The vulnerability of the needrestart utility, which stems from the failure to take measures to neutralize special elements used in the operating system’s command line, allows a malicious user to execute arbitrary shell commands with root privileges.

The vulnerability of the needrestart utility is related to the failure to take measures to neutralize special elements used in the operating system’s command syntax. Exploiting this vulnerability allows an attacker to execute arbitrary shell commands with root privileges...

CVSS 7.8, AI score 7.9, EPSS 0.11542
Exploits 2, References 8, Affected Software 4

OSV
added 2024/11/19 6:15 p.m., 1 view

DEBIAN-CVE-2024-11003

Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library Modules::ScanDeps which expects safe input. This could allow a local attacker to execute arbitrary shell commands. Please see the related CVE-2024-10224 in Modules::ScanDeps...

CVSS 7.8, AI score 8.4, EPSS 0.11542
Exploits 2, References 1

CNNVD
added 2024/11/19 12:0 a.m., 5 views

needrestart Permissions, Privileges, and Access Controls Vulnerability

needrestart is a tool by the individual developer liske for checking which daemons need to be restarted after an upgrade. Versions of needrestart prior to 3.8 contain a security vulnerability that allows a local attacker to execute arbitrary code as root by winning a ra...

CVSS 7.8, AI score 8, EPSS 0.05292
Exploits 2, References 6

CNNVD
added 2024/11/19 12:0 a.m., 2 views

needrestart Permissions, Privileges, and Access Controls Vulnerability

needrestart is a tool by the individual developer liske for checking which daemons need to be restarted after an upgrade. Versions of needrestart prior to 3.8 contain a security vulnerability that allows a local attacker to run the Python interpreter by tricking...

CVSS 7.8, AI score 8.4, EPSS 0.19924
Exploits 15, References 5

Positive Technologies
added 2024/11/17 12:0 a.m., 4 views

PT-2024-8544

Name of the Vulnerable Software and Affected Versions: needrestart versions prior to 3.8; Module::ScanDeps versions prior to 3.8. Description: The needrestart utility, versions prior to 3.8, contains a flaw due to improper handling of the PYTHONPATH environment variable. This allows local attackers t...

CVSS 7.8, AI score 7.6, EPSS 0.19924
Exploits 16, References 70

Veracode
added 2022/05/29 2:46 p.m., 18 views

Privilege Escalation

needrestart is vulnerable to privilege escalation. The vulnerability exists when the library tries to detect if interpreters are using old source files...

CVSS 7.8, AI score 7.3, EPSS 0.00405
Exploits 2, References 8, Affected Software 1

Cvelist
added 2022/05/17 6:58 p.m., 17 views

CVE-2022-30688

needrestart 0.8 through 3.5 before 3.6 is prone to local privilege escalation. Regexes to detect the Perl, Python, and Ruby interpreters are not anchored, allowing a local user to escalate privileges when needrestart tries to detect if interpreters are using old source files...

AI score 7.8, EPSS 0.00405
Exploits 2, References 7