EUVD-2012-5296

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2022-41946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either PreparedStatement.setTextint, InputStream or...

CVE-2022-41946 TemporaryFolder on unix-like systems does not limit access to created files in pgjdbc

pgjdbc is an open source postgresql JDBC Driver. In affected versions a prepared statement using either PreparedStatement.setTextint, InputStream or PreparedStatemet.setByteaint, InputStream will create a temporary file if the InputStream is larger than 2k. This will create a temporary file which...

Insufficiently Protected Credentials via Insecure Temporary File in org.apache.nifi:nifi-single-user-utils

Impact org.apache.nifi.authentication.single.user.writer.StandardLoginCredentialsWriter contains a local information disclosure vulnerability due to writing credentials username and password to a file that is readable by all other users on unix-like systems. On unix-like systems, the system's...

Information disclosure

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this...

CVE-2012-5381

Untrusted search path vulnerability in the installation functionality in PHP 5.3.17, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\PHP directory, which may be added to the PATH system environment variable by an...

CVE-2012-5377

Untrusted search path vulnerability in the installation functionality in ActivePerl 5.16.1.1601, when installed in the top-level C:\ directory, allows local users to gain privileges via a Trojan horse DLL in the C:\Perl\Site\bin directory, which is added to the PATH system environment variable, a...

CVE-2012-5383

Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system...

CVE-2012-5383

Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system...

Design/Logic Flaw

Untrusted search path vulnerability in the installation functionality in ActivePerl 5.16.1.1601, when installed in the top-level C:\ directory, allows local users to gain privileges via a Trojan horse DLL in the C:\Perl\Site\bin directory, which is added to the PATH system environment variable, a...

CVE-2012-5380

Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Ruby193\bin directory, which may be added to the PATH system environment variable by...

Design/Logic Flaw

DISPUTED Untrusted search path vulnerability in the installation functionality in Zend Server 5.6.0 SP4, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Zend\ZendServer\share\ZendFramework\bin directory, which may be added...

CVE-2012-5380

CVE-2012-5380 is an Untrusted search path vulnerability affecting Ruby 1.9.3-p194 installed in the top-level C:. The installation can lead to privilege escalation via a Trojan horse DLL (wlbsctrl.dll) placed in C:\Ruby193\bin that could be added to PATH and loaded by the IKE and AuthIP IPsec Keyi...

CVE-2012-5383

Untrusted search path vulnerability in the installation functionality in Oracle MySQL 5.5.28, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the "C:\MySQL\MySQL Server 5.5\bin" directory, which may be added to the PATH system...

CVE-2012-5383

CVE-2012-5383 describes an untrusted search path vulnerability in Oracle MySQL 5.5.28 when installed in the top-level C:\ directory. A Trojan horse DLL (wlbsctrl.dll) in C:\MySQL\MySQL Server 5.5\bin could be added to the PATH by an administrator and loaded by the IKE and AuthIP IPsec Keying Modu...

CVE-2012-5380

Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C:\ directory, might allow local users to gain privileges via a Trojan horse DLL in the C:\Ruby193\bin directory, which may be added to the PATH system environment variable by...

CVE-2012-5378

Untrusted search path vulnerability in the installation functionality in ActiveTcl 8.5.12, when installed in the top-level C:\ directory, allows local users to gain privileges via a Trojan horse DLL in the C:\TD\bin directory, which is added to the PATH system environment variable, as demonstrate...

CVE-2012-5379

CVE-2012-5379 affects ActivePython 3.2.2.3 installed in the top-level C:\ directory, where an untrusted search path can allow a Trojan horse DLL (wlbsctrl.dll) in C:\Python27 or C:\Python27\Scripts to be found via the PATH, enabling local privilege escalation through the IKE and AuthIP IPsec Keyi...