NewStart CGSL MAIN 6.06 : krb5 Multiple Vulnerabilities (NS-SA-2025-0215)

The remote NewStart CGSL host, running version MAIN 6.06, has krb5 packages installed that are affected by multiple vulnerabilities: - plugins/preauth/pkinit/pkinitcryptoopenssl.c in MIT Kerberos 5 aka krb5 through 1.15.2 mishandles Distinguished Name DN fields, which allows remote attackers to...

Security Bulletin: Buffer overflow, uncontrolled recursion, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service

Summary IBM Storage Defender - Resiliency Service is vulnerable to buffer overflow, uncontrolled recursion, and other. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-7969 DESCRIPTION: Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site...

USN-7781-1: Inetutils vulnerabilities

Matthew Hickey discovered that Inetutils did not correctly handle certain escape characters. An attacker could possibly use this issue to cause a denial of service. CVE-2019-0053 It was discovered that Inetutils did not correctly handle certain memory operations. An attacker could possibly use th...

ROS-20250923-02

Vulnerability in the setuid module of the Node.js software platform is related to context switching bugs privileges. Exploitation of the vulnerability could allow an attacker to escalate privileges...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2025-2160)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.13.1 : glibc (EulerOS-SA-2025-2160)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled...

EulerOS Virtualization 2.13.0 : glibc (EulerOS-SA-2025-2161)

According to the versions of the glibc packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled...

EulerOS 2.0 SP13 : systemd (EulerOS-SA-2025-2151)

According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binar...

SUSE CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

DEBIAN-CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

UBUNTU-CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

GNU Guix 安全漏洞

GNU Guix is an open source, cross-platform package manager from the GNU community in the United States. A security vulnerability exists in versions of GNU Guix prior to 1618ca7, which stems from the fact that the content-addressed-mirrors file can be written to create the setuid program,...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

CVE-2025-59378

The CVE-2025-59378 entry concerns guix-daemon in GNU Guix prior to commit 1618ca7. A content-addressed-mirrors file can be written to create a setuid program, allowing a regular user to gain the privileges of the build user that runs it (even after the build ends). Impact is local privilege escal...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

CVE-2025-59378

In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors file can be written to create a setuid program that allows a regular user to gain the privileges of the build user that runs it even after the build has ended...

Huawei EulerOS: Security Advisory for glibc (EulerOS-SA-2025-2123)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...