HSEC-2026-0006 Cabal deletes project source files during configure

Cabal deletes project source files during configure The checkDuplicateHeaders function in Distribution.Simple.Configure removes header files from the source directory when a header with the same name exists in both the build directory and the source directory. This behavior was introduced in comm...

CVE-2024-39718

An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions equivalent to those of the service account...

CVE-2024-39718

An improper input validation vulnerability that allows a low-privileged user to remotely remove files on the system with permissions equivalent to those of the service account...

WordPress plugin Market Exporter security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...

Design/Logic Flaw

It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server,...

bind security update

30:9.3.6-25.P1.3 - Fix CVE-2015-5477 30:9.3.6-25.P1.2 - Remove files backup after patching Related: 1171971 30:9.3.6-25.P1.1 - Fix CVE-2014-8500 1171971...

sssd: TOCTOU race conditions by copying and removing directory trees

System Security Services Daemon SSSD before 1.9.4, when 1 creating, 2 copying, or 3 removing a user home directory tree, allows local users to create, modify, or delete arbitrary files via a symlink attack on another user's files...

Kaspersky Antivirus ActiveX Unsafe Methods Vulnerability

This vulnerability allows remote attackers to download and remove any file on vulnerable installations of Kaspersky Anti-Virus. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaws exist within the ActiveX controls...

Xedus XSS

The remote host runs Xedus Peer to Peer webserver. This version is vulnerable to cross-site scripting attacks. With a specially crafted URL, an attacker can cause arbitrary code execution resulting in a loss of integrity. OpenVAS Vulnerability Test $Id: xedusxss.nasl 9087 2018-03-12 17:24:24Z...