8 matches found
EUVD-2024-0149
Malicious code in bioql PyPI...
CVE-2016-20021
In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...
GHSA-PW5X-X5JW-CCMH Gentoo Portage missing PGP validation of executed code
In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification...
CVE-2016-20021
In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...
Code injection
In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...
PYSEC-2024-10
In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...
CVE-2016-20021
In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-webrsync is used, Portage is not vulnerable...
FreeBSD mbuf本地权限提升漏洞
BUGTRAQ ID: 41577 CVE ID: CVE-2010-2693 FreeBSD就是一种运行在Intel平台上、可以自由使用的开放源码Unix类系统。 mbuf是FreeBSD内核进程间通讯和联网子系统中的基础内存管理单元。网络报文和套接字缓冲区依赖于mbuf进行存储。 在复制mbuf缓冲区引用时没有正确地拷贝只读标志,如果使用sendfile2系统调用在回环接口上传输数据,就可能导致修改所传送数据的后端内存页,造成数据破坏。本地攻击者可以通过精心控制系统文件的破坏情况来利用这种数据破坏提升权限。请注意攻击者可以破坏任意可读访问的文件。 FreeBSD FreeBSD 8....