21 matches found
EUVD-2004-1388
Malware in sbrugna...
EUVD-2004-1326
Malware in sbrugna...
EUVD-2004-1052
Malware in sbrugna...
EUVD-2004-1026
Malware in sbrugna...
EUVD-2025-24023
Malicious code in bioql PyPI...
EulerOS 2.0 SP11 : emacs (EulerOS-SA-2025-1923)
According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In elisp-mode.el in GNU Emacs before 30.1, a user who chooses to invoke elisp-completion-at-point for code completion on untrusted Emacs Lisp source...
CVE-2025-6573
Kernel software installed and running inside an untrusted/rich execution environment REE could leak information from the trusted execution environment TEE...
CVE-2025-6573 GPU DDK - RGXFW_CTL.pui8FWScratchBuf Leak/Overwrite
Kernel software installed and running inside an untrusted/rich execution environment REE could leak information from the trusted execution environment TEE...
PT-2025-32415 · Kernel · Kernel
Name of the Vulnerable Software and Affected Versions: Kernel affected versions not specified Description: Kernel software operating within an untrusted/rich execution environment REE may disclose information originating from the trusted execution environment TEE. Recommendations: At the moment,...
CVE-2024-40644
gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. gix-path can be tricked into running another git.exe placed in an untrusted location by a limited user account on Windows systems. Windows permits limited user accounts without administrative privileges to create new...
Type confusion
An error in Hermes' algorithm for copying objects properties prior to commit a00d237346894c6067a594983be6634f4168c9ad could be used by a malicious attacker to execute arbitrary code via type confusion. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScrip...
PrivEsc in Lenovo Vantage. Two minutes later
TL;DR The latest and greatest Lenovo Vantage software which ships with the most recent Lenovo devices is affected by a privilege escalation vulnerability. Whilst Vantage has been released since circa 2016, the software replaced Lenovo Solutions Centre LSC as the recommended platform management an...
iDefense Security Advisory 07.30.08: SAP MaxDB dbmsrv Untrusted Execution Path Vulnerability
iDefense Security Advisory 07.30.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 30, 2008 I. BACKGROUND SAP's MaxDB is a database software product. MaxDB was released as open source from version 7.5 up to version 7.6.00. Later versions are no longer open source but are available for...
CVE-2004-1391
Untrusted execution path vulnerability in the PPPoE daemon PPPoEd in QNX RTP 6.1 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious mount program...
CVE-2004-1028
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod...
CVE-2004-1329
The CVE describes an untrusted execution path vulnerability in IBM AIX 5.1–5.3: the diag commands (lsmcode, diag_exec, invscout, invscoutd) can be coerced into running arbitrary code when the DIAGNOSTICS environment variable is modified to reference a malicious Dctrl program. Affected components/...
CVE-2004-1054
CVE-2004-1054 – IBM AIX invscout Local Command Execution involves a local privilege escalation in invscout on AIX 5.1.0/5.2.0/5.3.0 where an untrusted PATH can cause a malicious binary named ‘uname’ to be used by lsvpd, allowing an attacker to gain root. The attack relies on not dropping privileg...
CVE-2004-1028
Untrusted execution path vulnerability in chcod on AIX IBM 5.1.0, 5.2.0, and 5.3.0 allows local users to execute arbitrary programs by modifying the PATH environment variable to point to a malicious "grep" program, which is executed from chcod...
CVE-2004-1028
CVE-2004-1028 describes a local privilege-escalation in IBM AIX chcod. The setuid root chcod on AIX 5.1.0/5.2.0/5.3.0 trusts PATH and invokes an external program named “grep.” If a local attacker can place a malicious grep in a directory in PATH and run chcod, arbitrary code could be executed wit...
CVE-2004-1054
Untrusted execution path vulnerability in invscout in IBM AIX 5.1.0, 5.2.0, and 5.3.0 allows local users to gain privileges by modifying the PATH environment variable to point to a malicious "uname" program, which is executed from lsvpd after lsvpd has been invoked by invscout...