CVE-2025-61786

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In versions prior to 2.5.3 and 2.2.15, Deno.FsFile.prototype.stat and Deno.FsFile.prototype.statSync are not limited by the permission model check --deny-read=./. It's possible to retrieve stats from files that the user do not have explic...

kernel: RDMA/nldev: Prevent underflow in nldev_stat_set_counter_dynamic_doit()

In the Linux kernel, the following vulnerability has been resolved: RDMA/nldev: Prevent underflow in nldevstatsetcounterdynamicdoit This code checks "index" for an upper bound but it does not check for negatives. Change the type to unsigned to prevent underflows...

GHSA-XFXF-QW26-HR33 Arbitrary command execution in roar-pidusage

This affects all current versions of package roar-pidusage. If attacker-controlled user input is given to the stat function of this package on certain operating systems, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without inpu...

Design/Logic Flaw

This affects all versions of package roar-pidusage. If attacker-controlled user input is given to the stat function of this package on certain operating systems, it is possible for an attacker to execute arbitrary commands. This is due to use of the childprocess exec function without input...

Arbitrary Command Injection

Overview roar-pidusage is a Cross-platform process cpu % and memory usage of a PID — Edit Affected versions of this package are vulnerable to Arbitrary Command Injection. If attacker-controlled user input is given to the stat function of this package on certain operating systems, it is possible f...

Coppermine Gallery 1.5.44 Directory Traversal

Coppermine Gallery = 1.5.44 directory traversal vulnerability ============================================================== Coppermine is a multi-purpose fully-featured and integrated web picture gallery script written in PHP using GD or ImageMagick as image library with a MySQL backend. A...