323 matches found
USN-8360-1: sslh vulnerability
It was discovered that sslh did not properly handle symbolic links when writing its PID file. A local attacker could possibly use this issue to overwrite arbitrary files...
Astra Linux - уязвимость в unbound
Unbound from NLnet Labs, including versions up to and including 1.12.0, and NSD from NLnet Labs, including versions up to and including 4.3.3, contain a local vulnerability that allows for a local symlink attack. When creating the PID file, Unbound and NSD either create the file if it does not...
CVE-2026-40977
A flaw was found in Spring Boot when an application is configured to use ApplicationPidFileWriter. A local attacker with write access to the PID file's location can exploit this vulnerability to corrupt one arbitrary file on the host each time the application is started. This can lead to data...
Linux Distros Unpatched Vulnerability : CVE-2026-40977
"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When an application is configured to use ApplicationPidFileWriter, a local attacker with write access to the PID file's location can corrupt one file on the ho...
CVE-2026-40977
When an application is configured to use ApplicationPidFileWriter, a local attacker with write access to the PID file's location can corrupt one file on the host each time the application is started. Affected: Spring Boot 4.0.0–4.0.5 fix 4.0.6, 3.5.0–3.5.13 fix 3.5.14, 3.4.0–3.4.15 fix 3.4.16,...
MiracleLinux 8 : unbound-1.7.3-15.el8 (AXSA:2021-2060:02)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2060:02 advisory. unbound: integer overflow in the regional allocator via regionalalloc CVE-2019-25032 unbound: integer overflow in sldnsstr2wirednamebuforigin can le...
CVE-2022-50789
SOUND4 IMPACT/FIRST/PULSE/Eco =2.x contains a command injection vulnerability that allows local authenticated users to create malicious files in the /tmp directory with .dns.pid extension. Unauthenticated attackers can execute the malicious commands by making a single HTTP POST request to the...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: chrony (UTSA-2025-990681)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990681 advisory. A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still...
CVE-2025-61909
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
Linux Distros Unpatched Vulnerability : CVE-2025-61909
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe- reload script also used during systemctl reload icing...
CVE-2025-61909
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-61909
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
UBUNTU-CVE-2025-61909
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-61909
CVE-2025-61909 affects Icinga 2: from 2.10.0 up to but not including 2.15.1, and also affected 2.14.7 and 2.13.13, the safe-reload script (used during icinga2 reload) and the logrotate config read the main Icinga 2 process PID from a PID file writable by the daemon user, but send signals as root....
EUVD-2025-34791
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-61909 Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
CVE-2025-61909 Icinga 2 signals sent as root to processes based on PID file written by the Icinga 2 daemon user
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
EUVD-2017-11153
Malware in sbrugna...
EUVD-2017-9358
Malware in sbrugna...
EUVD-2012-5997
Malware in sbrugna...