CVE-2024-9902 Ansible-core: ansible-core user may read/write unauthorized content

A flaw was found in Ansible. The ansible-core user module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the user module against the unprivileged user's home directory. If the...

JHead: Multiple vulnerabilities

Background JHead is an exif jpeg header manipulation tool. Description Marc Merlin and John Dong reported multiple vulnerabilities in JHead: A buffer overflow in the DoCommand function when processing the cmd argument and related to potential string overflows CVE-2008-4575. An insecure creation o...