13 matches found
EUVD-1999-1536
Malware in sbrugna...
PT-2025-39390
Name of the Vulnerable Software and Affected Versions: iMonitor EAM version 9.6394 Description: The iMonitor EAM software version 9.6394 installs a system service, eamusbsrv64.exe, that operates with NT AUTHORITY\SYSTEM privileges. This service contains an insecure update mechanism that automaticall...
CVE-2009-4358
freebsd-update in FreeBSD 8.0, 7.2, 7.1, 6.4, and 6.3 uses insecure permissions in its working directory (/var/db/freebsd-update by default), which allows local users to read copies of sensitive files after a (1) freebsd-update fetch (fetch) or (2) freebsd-update upgrade (upgrade) operation...
PT-2024-15709 · Centreon · Centreon
Name of the Vulnerable Software and Affected Versions: Centreon affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Centreon. Authentication is required to exploit this issue. The specific flaw exists within the...
MGASA-2022-0271 Updated firefox packages fix security vulnerability
When visiting directory listings for chrome:// URLs as source text, some parameters were reflected (CVE-2022-36318). When combining CSS properties for overflow and transform, the mouse cursor could interact with different coordinates than displayed (CVE-2022-36319)...
Debian DLA-2622-1 : python-django security update
It was discovered that there was a potential directory traversal issue in Django, a Python-based web development framework. The vulnerability could have been exploited by maliciously crafted filenames. However, the upload handlers built into Django itself were not affected. For Debian 9 'Stretch'...
SUSE-SU-2020:3016-1 Security update for python-pip
This update for python-pip fixes the following issues: - CVE-2019-20916: Fixed a directory traversal in _download_http_url (bsc#1176262)...
Avast Secure Browser Local Elevation of Privilege Vulnerability
Avast Secure Browser is a new browser built for privacy. A security vulnerability exists in Avast Secure Browser version 76.0.1659.101 that stems from an insecure ACL set by the AvastBrowserUpdate.exe file. The vulnerability can be exploited by creating a hard link named Update.ini in the...
openSUSE: Security Advisory for hiawatha (openSUSE-SU-2019:0294-1)
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Low: automake19
Issue Overview: It was found that the distcheck rule in Automake-generated Makefiles made a directory world-writable when preparing source archives. If a malicious, local user could access this directory, they could execute arbitrary code with the privileges of the user running "make distcheck"...
PT-2013-1865 · Specview · Specview
Name of the Vulnerable Software and Affected Versions: SpecView versions 2.5 build 853 and earlier Description: A directory traversal issue in the web server allows remote attackers to read arbitrary files via a series of dots in a URI. Recommendations: For versions 2.5 build 853 and earlier,...
[SECURITY] [DSA 499-1] New rsync packages fix directory traversal bug
Debian Security Advisory DSA 499-1 [email protected] http://www.debian.org/security/ Matt Zimmerman May 1st, 2004 http://www.debian.org/security/faq ...
CVE-1999-1555
Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with "EVERYONE FULL CONTROL" permissions, which allows local users to cause Inoculan's antivirus update feature to install a Trojan horse dll...