12 matches found
EUVD-2021-14123
Malware in sbrugna...
EUVD-2022-37403
Malicious code in bioql PyPI...
EUVD-2024-3082
Malicious code in bioql PyPI...
NewStart CGSL MAIN 7.02 : ansible-core Multiple Vulnerabilities (NS-SA-2025-0114)
The remote NewStart CGSL host, running version MAIN 7.02, has ansible-core packages installed that are affected by multiple vulnerabilities: - An information disclosure flaw was found in ansible-core due to a failure to respect the ANSIBLENOLOG configuration in some scenarios. Information is stil...
CVE-2024-11584
cloud-init through 25.1.2 includes the systemd socket unit cloud-init-hotplugd.socket with default SocketMode that grants 0666 permissions, making it world-writable. This is used for the "/run/cloud-init/hook-hotplug-cmd" FIFO. An unprivileged user could trigger hotplug-hook commands...
CVE-2025-24891 Dumb Drop has an arbitrary file overwrite and path traversal for root shell
Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject...
RHEL 8 : bpftrace (RHSA-2024:8830)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:8830 advisory. BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter eBPF available in recent Linux kernels 4.x. BPFtrace uses LLVM as...
Adobe ColdFusion Elevation of Privilege Vulnerability
Adobe ColdFusion is the United States Odo than Adobe company's set of rapid application development platform. The platform includes an integrated development environment and scripting language. An elevation of privilege vulnerability exists in the Adobe ColdFusion installer, which can be exploite...
Shareplex 2.1.3 .9/2.2.2 beta Arbitary Local File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2535/info Shareplex is a database replication tool from Quest Software. Versions of the product contain a vulnerability which can permit local unprivileged users to read arbitrary files. The Qview component of Shareplex...
[Full-Disclosure] CSA-200402-1: Previous Open Webmail vulnerability is exploitable
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cycom AB Security Advisory CSA-200402-1 www.cycom.se Advisory: Previous Open Webmail vulnerability is exploitable Date: Sat Feb 21 15:18:21 CET 2004, updated: Thu May 6 10:37:29 CEST 2004 Application: Open Webmail 2.20, 2.21 and 2.30 and -current...
kpopup 0.9.x - Privileged Command Execution
// source: https://www.securityfocus.com/bid/8915/info It has been alleged that it is possible for local attackers to gain root privileges through kpopup, which is is installed setuid root by default. According to the report, kpopup uses the system3 C-library function insecurely to run other...
SAP DB 7.3.00 - Symbolic Link
SAP DB 7.3.00 - Symbolic Link source: https://www.securityfocus.com/bid/6316/info A vulnerability has been discovered in SAP DB that may allow an unprivileged to execute commands with root privileges. The vulnerability is due to insufficient sanity checks by lserver, when attempting to execute th...