5 matches found
EUVD-2021-19393
Malware in sbrugna...
Security update for 7zip (moderate)
openSUSE Security Update: Security update for 7zip Announcement ID: openSUSE-SU-2025:0339-1 Rating: moderate References: 1246706 1246707 1249130 Cross-References: CVE-2025-53816 CVE-2025-53817 CVSS scores: CVE-2025-53816 SUSE: 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N...
CVE-2024-45781
A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure...
MGASA-2024-0388 Updated python-aiohttp packages fix security vulnerabilities
When using aiohttp as a web server and configuring static routes, it is necessary to specify the root path for static files. Additionally, the option 'followsymlinks' can be used to determine whether to follow symbolic links outside the static root directory. When 'followsymlinks' is set to True,...
UNIX Symbolic Link (Symlink) Following
Overview Impact Arbitrary File Creation, Arbitrary File Overwrite, Arbitrary Code Execution @npmcli/arborist, the library that calculates dependency trees and manages the nodemodules folder hierarchy for the npm command line interface, aims to guarantee that package dependency contracts will be...