Lucene search
K

14 matches found

Slackware Linux
Slackware Linux
added 2026/05/21 5:16 a.m.15 views

[slackware-security] rsync

New rsync packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: patches/packages/rsync-3.4.3-i586-1slack15.0.txz: Upgraded. This update fixes security issues: TOCTOU symlink race condition allowing local privilege...

8.1CVSS5.9AI score0.0078EPSS
Exploits0
NVD
NVD
added 2026/04/22 5:16 p.m.7 views

CVE-2026-35362

The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU symlink races using file-descriptor-relative syscalls, is incorrectly limited to Linux targets. On other Unix-like systems such as macOS and FreeBSD, the utility fails to utilize...

3.6CVSS0.0018EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/22 4:8 p.m.35 views

CVE-2026-35362 uutils coreutils Missing TOCTOU Protection on Non-Linux Unix Platforms in Safe Traversal Module

The safetraversal module in uutils coreutils, which provides protection against Time-of-Check to Time-of-Use TOCTOU symlink races using file-descriptor-relative syscalls, is incorrectly limited to Linux targets. On other Unix-like systems such as macOS and FreeBSD, the utility fails to utilize...

3.6CVSS0.0018EPSS
Exploits0References2
CVE
CVE
added 2026/04/22 4:8 p.m.18 views

CVE-2026-35362

The CVE-2026-35362 entry concerns the safe_traversal module in uutils coreutils, which is described as failing to provide TOCTOU protections on non-Linux Unix-like systems (e.g., macOS, FreeBSD). The vulnerability, as stated, affects directory traversal operations due to the lack of these protect...

3.6CVSS5.8AI score0.0018EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-34498

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description The safe traversal module, designed to protect against Time-of-Check to Time-of-Use TOCTOU symlink races—a condition where a file is modified between the time it is checked and the...

3.6CVSS6AI score0.0018EPSS
Exploits0References15
Debian
Debian
added 2026/04/19 5:28 p.m.6 views

[SECURITY] [DLA 4539-1] imagemagick security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-4539-1 [email protected] https://www.debian.org/lts/security/ Bastien Roucariès April 19, 2026 https://wiki.debian.org/LTS -...

9.8CVSS6AI score0.00501EPSS
Exploits0
Debian
Debian
added 2026/04/14 8:29 p.m.5 views

[SECURITY] [DSA 6210-1] imagemagick security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6210-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 14, 2026 https://www.debian.org/security/faq -...

9.1CVSS6AI score0.00501EPSS
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2019-3176

Malware in sbrugna...

7.5CVSS7.4AI score0.02418EPSS
Exploits1References7
NVD
NVD
added 2025/08/13 3:15 p.m.6 views

CVE-2025-8941

A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

7.8CVSS0.00254EPSS
Exploits0References19
Vulnrichment
Vulnrichment
added 2025/08/13 2:42 p.m.6 views

CVE-2025-8941 Linux-pam: incomplete fix for cve-2025-6020

A flaw was found in linux-pam. The pamnamespace module may improperly handle user-controlled paths, allowing local users to exploit symlink attacks and race conditions to elevate their privileges to root. This CVE provides a "complete" fix for CVE-2025-6020...

7.8CVSS6.8AI score0.00254EPSS
Exploits0References19
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.5 views

SUSE CVE-2019-11503

snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."...

7.5CVSS7.4AI score0.02418EPSS
Exploits1References4
OSV
OSV
added 2019/04/24 9:29 p.m.3 views

UBUNTU-CVE-2019-11503

snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."...

7.5CVSS7.1AI score0.02418EPSS
Exploits1References4
NVD
NVD
added 2019/04/24 9:29 p.m.24 views

CVE-2019-11503

snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."...

7.5CVSS7.4AI score0.02418EPSS
Exploits1References5
Cvelist
Cvelist
added 2019/04/24 8:2 p.m.26 views

CVE-2019-11503

snap-confine as included in snapd before 2.39 did not guard against symlink races when performing the chdir to the current working directory of the calling user, aka a "cwd restore permission bypass."...

7.4AI score0.02418EPSS
Exploits1References5
Rows per page
Query Builder