Tookie-OSINT 路径遍历漏洞

Tookie-OSINT is a cross-platform username discovery tool developed by Alfredredbird. Versions prior to Tookie-OSINT 4.1fix contained a path traversal vulnerability. This vulnerability stemmed from the use of user-input directly as file names in the auxiliary functions writetxt, writecsv, writejso...

CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils1: ar, objcopy, strip, and ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can trick these utilities...