CVE-2026-32063

OpenClaw version 2026.2.19-2 prior to 2026.2.21 contains a command injection vulnerability in systemd unit file generation where attacker-controlled environment values are not validated for CR/LF characters, allowing newline injection to break out of Environment= lines and inject arbitrary system...

PT-2026-24673

Summary A command injection vulnerability exists in OpenClaw’s Linux systemd unit generation path. When rendering Environment= entries, attacker-controlled values are not rejected for CR/LF, and systemdEscapeArg uses an incorrect whitespace-matching regex. This allows newline injection to break o...

Vulnerabilities fixed in Nagios XI

Nagios has fixed vulnerabilities in Nagios XI Versions before 2024R1.4.2 and 2024R2. The vulnerabilities include a remote code execution vulnerability within the Business Process Intelligence component, insufficient permissions on systemd unit files, unauthorized access to API keys, a command...

CVE-2025-34135 Nagios XI < 2024R1.4.2 Overly Permissive Permissions on Systemd Unit Files

Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that were too permissive. In particular, the nagios.service unit had executable permissions that were not required. Overly permissive permissions on service unit files can broaden local attack surface by...

CVE-2025-34135

Nagios XI prior to 2024R1.4.2 is affected by overly permissive permissions on systemd unit files, notably nagios.service having executable permissions not required. This could broaden local attack surface. Affected versions should be updated to 2024R1.4.2 or later; monitoring advisories also note...

Fedora 41 : caddy (2024-bd8fe42929)

The remote Fedora 41 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-bd8fe42929 advisory. Automatic update for caddy-2.8.4-1.fc41. Changelog Fri Jul 5 2024 Carl George - 2.8.4-1 - Update to version 2.8.4 rhbz2278549 - Resolves...

SUSE CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

Nord Security: NordVPN Linux Client - Unsafe service file permissions leads to Local Privilege Escalation

The Linux package available in NordVPN's repository is affected by a permission issue in init script and systemd unit files that allows any user on the system to execute arbitrary command as root. Tested Version Tested version is the latest available on the repository, which is 3.10.0 and is...

Security update for open-iscsi (important)

openSUSE Security Update: Security update for open-iscsi Announcement ID: openSUSE-SU-2021:0089-1 Rating: important References: 1179440 1179908 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for open-iscsi fixes the...

SUSE-SU-2021:0127-1 Security update for open-iscsi

This update for open-iscsi fixes the following issues: - Updated to upstream version 2.1.3 as 2.1.3-suse, for bsc1179908, including: uip: check for TCP urgent pointer past end of frame uip: check for u8 overflow when processing TCP options uip: check for header length underflow during checksum...

UBUNTU-CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

[ MDVSA-2015:211 ] glusterfs

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:211 http://www.mandriva.com/en/support/security/ Package : glusterfs Date : April 27, 2015 Affected: Business Server 2.0 Problem Description: Updated glusterfs packages fix security vulnerability: glusterfs...

Fedora 18 : zabbix-2.0.8-3.fc18 (2013-18348)

New upstream version 2.0.8 - Patch for CVE-2013-5743 SQL injection vulnerability, ZBX-7091 - Patch for ZBX-6922 Failing host XML import - SQL speed-up patch for graphs ZBX-6804 - Require php-ldap and ZBX-6992 Service SQL - Create and configure a spooling directory for fping files outside of /tmp...