67 matches found
UBUNTU-CVE-2025-40271
In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...
EUVD-2006-3990
Malware in sbrugna...
Malicious code in simple-app-subdir (npm)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-9846 Malicious code in simple-app-subdir (npm)
--- -= Per source details. Do not edit below this line.=-...
OESA-2024-2053 flatpak security update
flatpak is a system for building, distributing and running sandboxed desktop applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for more information. Security Fixes: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a...
ALPINE-CVE-2024-42472
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
DEBIAN-CVE-2024-42472
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
UBUNTU-CVE-2024-42472
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
SUSE CVE-2024-42472
Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...
PT-2024-5878
Name of the Vulnerable Software and Affected Versions Flatpak versions prior to 1.14.0 and 1.15.10 Description The issue is related to how Flatpak handles persistent directories, allowing a malicious or compromised Flatpak app to access and write files outside of its intended sandbox. This is...
Malicious code in capistrano_rails-subdir (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
MAL-2024-6813 Malicious code in capistrano_rails-subdir (RubyGems)
--- -= Per source details. Do not edit below this line.=-...
GHSA-8R3F-844C-MC37 vulnerabilities
Vulnerabilities for packages: cortex, newrelic-infra-operator, aws-efs-csi-driver, gitsign, kubernetes-dns-node-cache, nerdctl, terraform, terraform-provider-google, conftest, crossplane-provider-aws-dynamodb, crossplane-provider-family-aws, grafana-operator, falcosidekick, src, golangci-lint,...
The vulnerability of the pde_subdir_find() function in the fs/proc/generic.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the pdesubdirfind function in the fs/proc/generic.c module of the Linux kernel relates to the repeated use of previously freed memory, due to the lack of checks on the results of the functions being called. Exploiting this vulnerability could allow an attacker to cause a...
SUSE CVE-2010-3077
Cross-site scripting XSS vulnerability in util/iconbrowser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter...
SUSE CVE-2020-5283
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the...
openSUSE Security Update : viewvc (openSUSE-2021-123)
This update for viewvc fixes the following issues : - update to 1.1.28 boo1167974, CVE-2020-5283 : - security fix: escape subdir lastmod file name 211 - fix standalone.py first request failure 195 - suppress stack traces with option to show 140 - distinguish text/binary/image files by icons 166,...
openSUSE Security Update : viewvc (openSUSE-2021-84)
This update for viewvc fixes the following issues : - update to 1.1.28 boo1167974, CVE-2020-5283 : - security fix: escape subdir lastmod file name 211 - fix standalone.py first request failure 195 - suppress stack traces with option to show 140 - distinguish text/binary/image files by icons 166,...
Security update for viewvc (moderate)
openSUSE Security Update: Security update for viewvc Announcement ID: openSUSE-SU-2021:0119-1 Rating: moderate References: 1167974 Cross-References: CVE-2020-5283 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update for...
Security update for viewvc (moderate)
openSUSE Security Update: Security update for viewvc Announcement ID: openSUSE-SU-2021:0084-1 Rating: moderate References: 1167974 Cross-References: CVE-2020-5283 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for viewvc fix...