20 matches found
CVE-2026-8364
Gladinet Triofox Cloud Server Agent Access Service GladServerAgentService.exe listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache...
LibreNMS is Vulnerable to Remote Code Execution by Arbitrary File Write
Summary: A vulnerability has been identified that allows an authenticated administrator to execute arbitrary code on the host server. By modifying the binary path settings for built-in network tools and bypassing an input filter, an attacker with administrative privileges can download and execute...
CVE-2025-59542
Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course learning path Settings field, an attacker with a low-privileged account (e.g., trainer) can execute arbitrary JavaScript cod...
CVE-2023-53979
MyBB 1.8.32 contains a chained vulnerability that allows authenticated administrators to bypass avatar upload restrictions and execute arbitrary code. Attackers can modify upload path settings, upload a malicious PHP-embedded image file, and execute commands through the language configuration...
CVE-2023-53979
Summary of the vulnerability (CVE-2023-53979) : MyBB 1.8.32 contains a chained vulnerability that authenticated administrators can exploit to bypass avatar upload restrictions and achieve remote code execution. The attack leverages the ability to modify upload path settings, upload a PHP-embedded...
DEBIAN-CVE-2020-12641
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path...
openSUSE: Security Advisory for util-linux (openSUSE-SU-2019:2121-1)
The remote host is missing an update for the...
CVE-2019-18996
Path settings in HMIStudio component of ABB PB610 Panel Builder 600 versions 2.8.0.424 and earlier accept DLLs outside of the program directory, potentially allowing an attacker with access to the local file system the execution of code in the application’s context...
openSUSE Security Update : util-linux and shadow (openSUSE-2019-2175)
This update for util-linux and shadow fixes the following issues : util-linux : - Fixed an issue where PATH settings in /etc/default/su being ignored bsc1121197 - Prevent outdated pam files bsc1082293. - Do not trim read-only volumes bsc1106214. - Integrate pam_keyinit pam module to login...
OPENSUSE-SU-2019:2175-1 Security update for util-linux and shadow
This update for util-linux and shadow fixes the following issues: util-linux: - Fixed an issue where PATH settings in /etc/default/su being ignored bsc1121197 - Prevent outdated pam files bsc1082293. - Do not trim read-only volumes bsc1106214. - Integrate pam_keyinit pam module to login bsc1081947...
Security update for util-linux and shadow (moderate)
openSUSE Security Update: Security update for util-linux and shadow Announcement ID: openSUSE-SU-2019:2175-1 Rating: moderate References: 1081947 1082293 1085196 1106214 1121197 1122417 1125886 1135534 1135708 353876 Affected Products: openSUSE Leap 15.0 An update that contains security fixes can...
SUSE SLED15 / SLES15 Security Update : util-linux / shadow (SUSE-SU-2019:2392-1)
This update for util-linux and shadow fixes the following issues : util-linux : Fixed an issue where PATH settings in /etc/default/su being ignored bsc1121197 Prevent outdated pam files bsc1082293. Do not trim read-only volumes bsc1106214. Integrate pam_keyinit pam module to login bsc1081947...
SUSE-SU-2019:2392-1 Security update for util-linux and shadow
This update for util-linux and shadow fixes the following issues: util-linux: - Fixed an issue where PATH settings in /etc/default/su being ignored bsc1121197 - Prevent outdated pam files bsc1082293. - Do not trim read-only volumes bsc1106214. - Integrate pam_keyinit pam module to login bsc1081947...
openSUSE Security Update : util-linux and shadow (openSUSE-2019-2121)
This update for util-linux and shadow fixes the following issues : util-linux : - Fixed an issue where PATH settings in /etc/default/su being ignored bsc1121197 - Prevent outdated pam files bsc1082293. - De-duplicate fstrim -A properly bsc1127701. - Do not trim read-only volumes bsc1106214. -...
OPENSUSE-SU-2019:2121-1 Security update for util-linux and shadow
This update for util-linux and shadow fixes the following issues: util-linux: - Fixed an issue where PATH settings in /etc/default/su being ignored bsc1121197 - Prevent outdated pam files bsc1082293. - De-duplicate fstrim -A properly bsc1127701. - Do not trim read-only volumes bsc1106214. -...
Security update for util-linux and shadow (moderate)
openSUSE Security Update: Security update for util-linux and shadow Announcement ID: openSUSE-SU-2019:2121-1 Rating: moderate References: 1081947 1082293 1085196 1106214 1121197 1122417 1125886 1127701 1135534 1135708 1141113 353876 Affected Products: openSUSE Leap 15.1 An update that contains...
SUSE SLED15 / SLES15 Security Update : util-linux / shadow (SUSE-SU-2019:2307-1)
This update for util-linux and shadow fixes the following issues : util-linux : Fixed an issue where PATH settings in /etc/default/su being ignored bsc1121197 Prevent outdated pam files bsc1082293. De-duplicate fstrim -A properly bsc1127701. Do not trim read-only volumes bsc1106214. Integrate...
Internet Bug Bounty: Windows builds with insecure path defaults (CVE-2019-1552)
Advisory: https://www.openssl.org/news/secadv/20190730.txt Severity: Low OpenSSL has internal defaults for a directory tree where it can find a configuration file as well as certificates used for verification in TLS. This directory is most commonly referred to as OPENSSLDIR, and is configurable...
Fedora 19 : qt3-3.3.8b-58.fc19 (2014-6896)
This update fixes a DoS in the Qt 3 GIF image handler CVE-2014-0190, QTBUG-38367, through a patch backported from Qt 4. It also fixes the path settings in qt.sh for ppc64le, and in qt.csh for both ppc64 and ppc64le. Note that Tenable Network Security has extracted the preceding description block...
PostgreSQL security-definer function privilege escalation
Untrusted search path vulnerability in PostgreSQL before 7.3.19, 7.4.x before 7.4.17, 8.0.x before 8.0.13, 8.1.x before 8.1.9, and 8.2.x before 8.2.4 allows remote authenticated users, when permitted to call a SECURITY DEFINER function, to gain the privileges of the function owner, related to...