CVE-2025-61081

Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2025-61081

CVE-2025-61081 entry is rejected and not used.

CVE-2025-61081

DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

CVE-2025-61081

...

CVE-2025-61081

In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break EPB and Supplemental Restoration System SRS related ECUs...

EUVD-2025-209899

In BYD Atto3, an attacker can obtain an authentication key through Brute Force attack, which is permanently available. The authentication key enables flash to the Electronic Parking Break EPB and Supplemental Restoration System SRS related ECUs...

JLSEC-2026-65

sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs for AuthorizedKeysCommand and AuthorizedPrincipalsCommand may run with privileges associated with...

EulerOS 2.0 SP11 : proftpd (EulerOS-SA-2026-1587)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

The Conduent breach; from 10 million to 25 million (and counting)

The Conduent breach has quietly grown into one of the biggest third‑party data incidents in US history, and the real story now is how many different programs and employers are swept up in it, even for people who have never heard of Conduent. When we first covered this incident, public filings...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000539)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000539 advisory. The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002304)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002304 advisory. The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to...

EulerOS 2.0 SP12 : proftpd (EulerOS-SA-2026-1077)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

EulerOS 2.0 SP13 : proftpd (EulerOS-SA-2025-2528)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

EulerOS 2.0 SP13 : proftpd (EulerOS-SA-2025-2507)

According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...

EUVD-2011-3899

Malware in sbrugna...

EUVD-2017-9569

Malware in sbrugna...

EUVD-2018-4336

Malware in sbrugna...

EUVD-2024-43211

Malicious code in bioql PyPI...

CVE-2017-18453

cPanel before 64.0.21 does not preserve supplemental groups across account renames SEC-260...

Security update for proftpd

This update for proftpd fixes the following issues: CVE-2024-57392: Fixed null pointer dereference vulnerability by sending a maliciously crafted message bsc1238143. CVE-2024-48651: Fixed supplemental group inheritance granting unintended access to GID 0 bsc1238141. Patch Instructions: To install...