Lucene search
K

67 matches found

OSV
OSV
added 2025/12/06 10:15 p.m.4 views

UBUNTU-CVE-2025-40271

In the Linux kernel, the following vulnerability has been resolved: fs/proc: fix uaf in procreaddirde Pde is erased from subdir rbtree through rberase, but not set the node to EMPTY, which may result in uaf access. We should use RBCLEARNODE set the erased node to EMPTY, then pdesubdirnext will...

6.2AI score0.00517EPSS
Exploits3References36
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2006-3990

Malware in sbrugna...

7.5CVSS6.4AI score0.03352EPSS
Exploits1References8
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/10/16 1:19 p.m.2 views

Malicious code in simple-app-subdir (npm)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0
OSV
OSV
added 2024/10/16 1:19 p.m.6 views

MAL-2024-9846 Malicious code in simple-app-subdir (npm)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0
OSV
OSV
added 2024/08/23 11:8 a.m.4 views

OESA-2024-2053 flatpak security update

flatpak is a system for building, distributing and running sandboxed desktop applications on Linux. See https://wiki.gnome.org/Projects/SandboxedApps for more information. Security Fixes: Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a...

10CVSS6.8AI score0.01283EPSS
Exploits1References2
OSV
OSV
added 2024/08/15 7:15 p.m.3 views

ALPINE-CVE-2024-42472

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

10CVSS6.7AI score0.01283EPSS
Exploits1References1
OSV
OSV
added 2024/08/15 7:15 p.m.1 views

DEBIAN-CVE-2024-42472

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

10CVSS8AI score0.01283EPSS
Exploits1References1
OSV
OSV
added 2024/08/15 7:15 p.m.8 views

UBUNTU-CVE-2024-42472

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

10CVSS7AI score0.01283EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2024/08/15 1:55 a.m.2 views

SUSE CVE-2024-42472

Flatpak is a Linux application sandboxing and distribution framework. Prior to versions 1.14.0 and 1.15.10, a malicious or compromised Flatpak app using persistent directories could access and write files outside of what it would otherwise have access to, which is an attack on integrity and...

8.4CVSS6.7AI score0.01283EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/08/14 12:0 a.m.5 views

PT-2024-5878

Name of the Vulnerable Software and Affected Versions Flatpak versions prior to 1.14.0 and 1.15.10 Description The issue is related to how Flatpak handles persistent directories, allowing a malicious or compromised Flatpak app to access and write files outside of its intended sandbox. This is...

10CVSS8.6AI score0.01283EPSS
Exploits2References113
OSSF Malicious Packages
OSSF Malicious Packages
added 2024/06/25 1:50 p.m.4 views

Malicious code in capistrano_rails-subdir (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7AI score
Exploits0References1
OSV
OSV
added 2024/06/25 1:50 p.m.8 views

MAL-2024-6813 Malicious code in capistrano_rails-subdir (RubyGems)

--- -= Per source details. Do not edit below this line.=-...

7.1AI score
Exploits0References1
Wolfi
Wolfi
added 2024/03/06 12:31 a.m.423 views

GHSA-8R3F-844C-MC37 vulnerabilities

Vulnerabilities for packages: cortex, newrelic-infra-operator, aws-efs-csi-driver, gitsign, kubernetes-dns-node-cache, nerdctl, terraform, terraform-provider-google, conftest, crossplane-provider-aws-dynamodb, crossplane-provider-family-aws, grafana-operator, falcosidekick, src, golangci-lint,...

5.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2023/05/15 12:0 a.m.6 views

The vulnerability of the pde_subdir_find() function in the fs/proc/generic.c module of the Linux kernel allows a hacker to cause a service failure.

The vulnerability of the pdesubdirfind function in the fs/proc/generic.c module of the Linux kernel relates to the repeated use of previously freed memory, due to the lack of checks on the results of the functions being called. Exploiting this vulnerability could allow an attacker to cause a...

6.8CVSS6.4AI score0.02588EPSS
Exploits1References23Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 5:57 a.m.4 views

SUSE CVE-2010-3077

Cross-site scripting XSS vulnerability in util/iconbrowser.php in the Horde Application Framework before 3.3.9 allows remote attackers to inject arbitrary web script or HTML via the subdir parameter...

4.3CVSS5.8AI score0.03893EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 4:3 a.m.4 views

SUSE CVE-2020-5283

ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS showsubdirlastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges to a CVS repository exposed by an otherwise trusted ViewVC instance that also has the...

3.5CVSS4.4AI score0.01216EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2021/01/25 12:0 a.m.24 views

openSUSE Security Update : viewvc (openSUSE-2021-123)

This update for viewvc fixes the following issues : - update to 1.1.28 boo1167974, CVE-2020-5283 : - security fix: escape subdir lastmod file name 211 - fix standalone.py first request failure 195 - suppress stack traces with option to show 140 - distinguish text/binary/image files by icons 166,...

3.5CVSS5.2AI score0.01216EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2021/01/25 12:0 a.m.25 views

openSUSE Security Update : viewvc (openSUSE-2021-84)

This update for viewvc fixes the following issues : - update to 1.1.28 boo1167974, CVE-2020-5283 : - security fix: escape subdir lastmod file name 211 - fix standalone.py first request failure 195 - suppress stack traces with option to show 140 - distinguish text/binary/image files by icons 166,...

3.5CVSS5.2AI score0.01216EPSS
Exploits1References2
OPENSUSE Linux
OPENSUSE Linux
added 2021/01/19 12:0 a.m.23 views

Security update for viewvc (moderate)

openSUSE Security Update: Security update for viewvc Announcement ID: openSUSE-SU-2021:0119-1 Rating: moderate References: 1167974 Cross-References: CVE-2020-5283 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update for...

3.5CVSS4.2AI score0.01216EPSS
Exploits1References1
OPENSUSE Linux
OPENSUSE Linux
added 2021/01/16 12:0 a.m.27 views

Security update for viewvc (moderate)

openSUSE Security Update: Security update for viewvc Announcement ID: openSUSE-SU-2021:0084-1 Rating: moderate References: 1167974 Cross-References: CVE-2020-5283 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for viewvc fix...

3.5CVSS4.2AI score0.01216EPSS
Exploits1References1
Rows per page
Query Builder