13 matches found
Advisory ROSA-SA-2025-3091
Software: python3-setuptools 39.2.0; OS: rosa-server79; Unaffected versions: python3-setuptools-39.2.0-10.0.5.res7; Affected versions: python3-setuptools-39.2.0-10.0.5.res7; CVE-ID: CVE-2025-47273; BDU-ID: 2025-08604; CVE-Crit: HIGH; CVE-DESC.: A vulnerability in the setuptools project packaging...
CVE-2011-10018
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of...
CVE-2011-10018
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of...
CVE-2011-10018
CVE-2011-10018 affects myBB 1.6.4, where an unauthorized backdoor was embedded in the source during packaging, enabling remote PHP code execution via a crafted collapsed cookie with no authentication. Exploitation leads to full compromise of the web server under the web app’s context. No fix vers...
CVE-2011-10018 myBB 1.6.4 Backdoor Arbitrary Command Execution
myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. The backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted collapsed cookie. This vulnerability was introduced during packaging and was not part of...
PT-2025-33087 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: myBB version 1.6.4. Description: myBB version 1.6.4 was distributed with an unauthorized backdoor embedded in the source code. This backdoor allowed remote attackers to execute arbitrary PHP code by injecting payloads into a specially crafted...
PT-2024-36409 · Dolby · Dolby Vision Provisioning
Name of the Vulnerable Software and Affected Versions: Dolby Vision Provisioning software versions prior to 2.0.0.2. Description: A potential information disclosure issue was reported in Lenovo's packaging of Dolby Vision Provisioning software that could allow a local attacker to read files on the...
SUSE CVE-2017-3291
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Packaging. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure...
SUSE CVE-2017-3312
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Packaging. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure...
PT-2020-19928 · Isi +1 · Inn +1
Name of the Vulnerable Software and Affected Versions: inn versions 2.6.2-lp152.1.26 and prior versions; inn versions 2.6.2-4.2 and prior versions; inn versions 2.5.4-lp151.3.3.1 and prior versions. Description: A vulnerability in the packaging of inn in openSUSE allows local attackers with control ...
Design/Logic Flaw
The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version...
ALPINE-CVE-2017-3291
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Packaging. Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure...
Mandriva Linux Security Advisory : courier-authlib (MDVSA-2013:068)
When using the authpgsql module and if the Postgres server goes down, authpgsql will start leaking memory. A packaging flaw was discovered that caused the courier-authlib-devel package to be installed when installing for example maildrop. This update fixes both of these issues.