22 matches found
CLSA-2026-1774952276 opencryptoki: Fix of CVE-2026-23893
CVE-2026-23893: fix symlink-following vulnerabilities in privileged contexts...
MiracleLinux 9 : python3.9-3.9.21-2.el9_6.1 (AXSA:2025-10620:02)
The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10620:02 advisory. cpython: Tarfile extracts filtered members when errorlevel=0 CVE-2025-4435 cpython: Bypass extraction filter to modify file metadata outside...
EUVD-2005-0611
Malware in sbrugna...
EUVD-1999-0371
Malware in sbrugna...
Moderate: Red Hat Security Advisory: rpm security update
An update for rpm is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: thunderbird security update
Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 115.6.0. Security Fixes: Mozilla: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver CVE-2023-6856 Mozilla: Memory safety bugs fixed in Firefox 121, Firefo...
Huawei EulerOS: Security Advisory for emacs (EulerOS-SA-2022-2494)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2022:1925-1 Security update for patch
This update for patch fixes the following issues: Security issues fixed: - CVE-2019-13636: Fixed follow symlinks unless --follow-symlinks is given. This increases the security against malicious patches (bsc#1142041). - CVE-2018-6952: Fixed swapping fakelines in pch_swap. This bug was causing a double...
OPENSUSE-SU-2021:3940-1 Security update for nodejs12
This update for nodejs12 fixes the following issues: - CVE-2021-22959: Fixed HTTP Request Smuggling due to spaces in headers (bsc#1191601). - CVE-2021-22960: Fixed HTTP Request Smuggling when parsing the body (bsc#1191602). - CVE-2021-37701: Fixed arbitrary file creation and overwrite in nodejs-tar...
Security update for libu2f-host, pam_u2f (moderate)
openSUSE Security Update: Security update for libu2f-host, pam_u2f Announcement ID: openSUSE-SU-2019:1725-1 Rating: moderate References: 1128140 1135727 1135729 Cross-References: CVE-2019-12209 CVE-2019-12210 CVE-2019-9578 Affected Products: openSUSE Leap 15.0 An update that fixes three...
Fedora 25 : proftpd (2017-c6f424c3ff)
Current upstream maintenance release for the 1.3.5 series. Includes fix for CVE-2017-7418, where not all path elements were checked for symlinks when using a chroot, so attackers with local access could bypass the AllowChrootSymlinks control by replacing a path component other than the last one...
SuSE 11.1 Security Update : puppet (SAT Patch Number 5421)
The following security issues have been fixed : - Puppet's certificate authority issued Puppet agent certificates capable of impersonating the Puppet master. Compromised or rogue puppet agents could therefore use their certificates for MITM attacks. CVE-2011-3872 Note: If you've set the...
GLSA-201009-09 : fence: Multiple symlink vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201009-09 (fence: Multiple symlink vulnerabilities). The fence_apc, fence_apc_snmp (CVE-2008-4579) and fence_manual (CVE-2008-4580) programs contain symlink vulnerabilities. Impact: These vulnerabilities may allow arbitrary files to be...
fence: Multiple symlink vulnerabilities
Background: fence is an I/O group fencing system. Description: The fence_apc, fence_apc_snmp (CVE-2008-4579) and fence_manual (CVE-2008-4580) programs contain symlink vulnerabilities. Impact: These vulnerabilities may allow arbitrary files to be overwritten with root privileges. Workaround: There is no known...
cman security, bug fix, and enhancement update
2.0.115-1 - RSA II fencing agent has been fixed. - Resolves: rhbz493802 2.0.114-1 - local variable 'verbosefilename' referenced before assignment has been fixed - RSA II fencing agent has been fixed. - Resolves: rhbz493802 rhbz514758 2.0.113-1 - Limitations with 2-node fence_scsi are now properly...
FreeBSD Ports: portupgrade
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2005-2851
smb4k 0.4 and other versions before 0.6.3 allows local users to read sensitive files via a symlink attack on the (1) smb4k.tmp or (2) sudoers temporary files...
CVE-2005-0610
Multiple symlink vulnerabilities in portupgrade before 20041226_2 in FreeBSD allow local users to (1) overwrite arbitrary files and possibly replace packages to execute arbitrary code via pkg_fetch, (2) overwrite arbitrary files via temporary files when portupgrade upgrades a port or package, or (3) crea...
[SECURITY] [DSA 539-1] New kdelibs packages fix denial of service
-------------------------------------------------------------------------- Debian Security Advisory DSA 539-1 [email protected] http://www.debian.org/security/ Martin Schulze August 17th, 2004 http://www.debian.org/security/faq -...
Symlink vulnerabilities in mailmgr
--------------------------------------------------------- Title : Symlink vulnerabilities in mailmgr Bug finder : Marco van Berkum [email protected] Website : http://ws.obit.nl URL to mailmgr : http://web.onda.com.br/orso/mailmgr.html Tested version : Mailmgr-1.2.3 Date : 12 Feb 2004...