CVE-2002-1913

phptonuke.php in myPHPNuke 1.8.8 allows remote attackers to read arbitrary files via a full pathname in the filnavn variable...

CVE-2003-0932

Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long 1 command line or 2 environment variable...

CVE-2003-0454

Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable...

CVE-2003-0061

Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable...

CVE-2002-2087

Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling 1 gdsdrop, 2 gdslockmgr, or 3 gdsinetserver...

CVE-2002-2017

sastcpd in SAS/Base 8.0 allows local users to execute arbitrary code by setting the authprog environment variable to reference a malicious program, which is then executed by sastcpd...

CVE-2008-7278

The S/MIME feature in Open Ticket Request System OTRS before 2.2.5, and 2.3.x before 2.3.0-beta1, does not properly configure the RANDFILE environment variable for OpenSSL, which might make it easier for remote attackers to decrypt e-mail messages that had lower than intended entropy available fo...

CVE-2003-0830

Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable...

CVE-1999-0690

HP CDE program includes the current directory in root's PATH variable...

CVE-1999-0767

Buffer overflow in Solaris libc, ufsrestore, and rcp via LCMESSAGES environmental variable...

CVE-1999-0740

Remote attackers can cause a denial of service on Linux in.telnetd telnet daemon through a malformed TERM environmental variable...

CVE-1999-0388

DataLynx suGuard trusts the PATH environment variable to execute the ps command, allowing local users to execute commands as root...

CVE-1999-0318

Buffer overflow in xmcd 2.0p12 allows local users to gain access through an environmental variable...

CVE-1999-0192

Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable...

CVE-2025-48069 ejson2env has insufficient input sanitization

ejson2env allows users to decrypt EJSON secrets and export them as environment variables. Prior to version 2.0.8, the ejson2env tool has a vulnerability related to how it writes to stdout. Specifically, the tool is intended to write an export statement for environment variables and their values...

Outsourcing SAT-Based Verification Computations in Network Security

The emergence of cloud computing gives huge impact on large computations. Cloud computing platforms offer servers with large computation power to be available for customers. These servers can be used efficiently to solve problems that are complex by nature, for example, satisfiability SAT problem...

CVE-2025-37961 ipvs: fix uninit-value for saddr in do_output_route4

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix uninit-value for saddr in dooutputroute4 syzbot reports for uninit-value for the saddr argument 1. commit 4754957f04f5 "ipvs: do not use random local source address for tunnels" already implies that the input value of...

PT-2025-22195 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue concerns a pointer check in the graph util parse link direction function within the Linux kernel's ASoC simple-card-utils. The problem arises when the function fails to...

CVE-2025-32962

Flask-AppBuilder is an application development framework built on top of Flask. Versions prior to 4.6.2 would allow for a malicious unauthenticated actor to perform an open redirect by manipulating the Host header in HTTP requests. Flask-AppBuilder 4.6.2 introduced the FABSAFEREDIRECTHOSTS...

SUSE CVE-2025-37890

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report 1, we have a UAF case when an hfsc class has a netem child qdisc. The crux of the issue is that hfsc is assuming that...