EUVD-2014-3232

Malware in sbrugna...

EUVD-2012-3446

Malware in sbrugna...

EUVD-2024-19623

Malicious code in bioql PyPI...

Important: golang

Issue Overview: html/template: improper handling of empty HTML attributes. The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains...

CVE-2006-3378

passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits...

rsynxOSX.txt

Product: RsyncX is a frontend for rsync running on OS X, with additional features such as crontab editing. http://www.macosxlabs.org/rsyncx/rsyncx.html Problems: 1 RsyncX is installed setuid root and setgid wheel. Upon execution, the program drops root privileges only via seteuidgetuid . However ...

CVE-2004-0172

Heap-based buffer overflow in the searchforcommand function of ltrace 0.3.10, if it is installed setuid, could allow local users to execute arbitrary code via a long filename. NOTE: It is unclear whether there are any packages that install ltrace as a setuid program, so this candidate might be...