15 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-21887
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by moving dput in ovllinkup The issue was caused by...
kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
A use after free vulnerability exists in the linux kernel such that dputupper is being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote...
kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
A use after free vulnerability exists in the linux kernel such that dputupper is being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote...
kernel: ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
A use after free vulnerability exists in the linux kernel such that dputupper is being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote...
ovl: fix UAF in ovl_dentry_update_reval by moving dput() in ovl_link_up
...
DEBIAN-CVE-2025-21887
In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by moving dput in ovllinkup The issue was caused by dputupper being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote. Move dputupper after its last...
CVE-2021-20579
IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a user who can create a view or inline SQL function to obtain sensitive information when AUTOREVAL is set to DEFFEREDFORCE. IBM X-Force ID: 199283...
Ubuntu: Security Advisory (USN-1129-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2010-1168
The Safe aka Safe.pm module before 2.25 for Perl allows context-dependent attackers to bypass intended 1 Safe::reval and 2 Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the a...
Perl Safe Module 'reval()' and 'rdo()' Restriction-Bypass Vulnerabilities
The Perl Safe module is prone to multiple restriction-bypass vulnerabilities. Successful exploits could allow an attacker to execute arbitrary Perl code outside of the restricted root. Versions prior to Safe 2.27 are vulnerable. OpenVAS Vulnerability Test $Id: gbperlsafe40305.nasl 5323 2017-02-17...
Perl Safe Module 'reval()' and 'rdo()' Restriction-Bypass Vulnerabilities
The Perl Safe module is prone to multiple restriction-bypass vulnerabilities. Successful exploits could allow an attacker to execute arbitrary Perl code outside of the restricted root. Versions prior to Safe 2.25 are vulnerable. OpenVAS Vulnerability Test $Id: gbperlsafe40302.nasl 5323 2017-02-17...
perl: Safe restriction bypass when reference to subroutine in compartment is called from outside
The Safe aka Safe.pm module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended 1...
perl: Safe restriction bypass when reference to subroutine in compartment is called from outside
The Safe aka Safe.pm module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended 1...
DEBIAN-CVE-2010-1447
The Safe aka Safe.pm module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.3.11, 8.4 before 8.4.4, and 9.0 Beta before 9.0 Beta 2, allows context-dependent attackers to bypass intended 1...
DEBIAN-CVE-2002-1323
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in 1 Safe::reval or 2 Safe::rdo using a redefined @ variable, which is not reset between successive calls...