SUSE CVE-2025-54368

uv is a Python package and project manager written in Rust. In versions 0.8.5 and earlier, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. An attacker could contrive a ZIP archive that would extract with...

CVE-2025-54368

uv is a Python package and project manager written in Rust. In versions 0.8.5 and earlier, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. An attacker could contrive a ZIP archive that would extract with...

CVE-2025-54368 uv is vulnerable to ZIP payload obfuscation through parsing differentials

uv is a Python package and project manager written in Rust. In versions 0.8.5 and earlier, remote ZIP archives were handled in a streamwise fashion, and file entries were not reconciled against the archive's central directory. An attacker could contrive a ZIP archive that would extract with...

Important: mtr

Issue Overview: mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable. CVE-2025-49809 Affected Packages: mtr Issue Correction: Run dnf update mtr --releasever 2023.8.20250808 or dnf update --advisory ALAS2023-2025-1102...

Linux Distros Unpatched Vulnerability : CVE-2025-4878

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekeyfromfile function. This flaw can be...

mtd: nand: ecc-mxic: Fix use of uninitialized variable ret

...

Linux Distros Unpatched Vulnerability : CVE-2023-52893

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gsmi: fix null-deref in gsmigetvariable We can get EFI variables without fetching the attribute, so we must allow for that in gsmi. commit 859748255b43 efi:...

Use of Uninitialized Variable

Overview Affected versions of this package are vulnerable to Use of Uninitialized Variable due to the absent check of pimage value before calling opjj2kreadheader function. An attacker can achieve arbitrary code execution or cause a denial of service by supplying a specially crafted image file...

CVE-2025-43195

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data...

InsydeH2O 安全漏洞

InsydeH2O is a customizable firmware codebase from China's Insyde Insyde Corporation. A security vulnerability exists in InsydeH2O, which originates from an arbitrary call to SmmSetVariable with unsanitized parameters in the SMI handler...

Important: mtr

Issue Overview: mtr through 0.95, in certain privileged contexts, mishandles execution of a program specified by the MTRPACKET environment variable. CVE-2025-49809 Affected Packages: mtr Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ section for the...

RockyLinux 9 : freetype (RLSA-2025:3407)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:3407 advisory. freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files CVE-2025-27363 Tenable has extracted the...

CVE-2025-43195

An issue existed in the handling of environment variables. This issue was addressed with improved validation. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An app may be able to access sensitive user data...

CVE-2025-43195

CVE-2025-43195 describes an environment-variable handling issue in macOS that could allow an app to access sensitive user data. The root cause is improper validation in how environment variables are processed, which was addressed by improved validation in the macOS updates. Affected products incl...

RLSA-2025:3407 Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files...

RLSA-2025:3421 Important: freetype security update

FreeType is a free, high-quality, portable font engine that can open and manage font files. FreeType loads, hints, and renders individual glyphs efficiently. Security Fixes: freetype: OOB write when attempting to parse font subglyph structures related to TrueType GX and variable font files...

Linux PAM Environment - Variable Injection Local Privilege Escalation

Exploit Title: Linux PAM Environment - Variable Injection Local Privilege Escalation Exploit Author: @İbrahimsql Exploit Author's github: https://github.com/ibrahmsql Description: PAM pamenv.so module allows environment variable injection via /.pamenvironment leading to privilege escalation throu...

easy-linux-pwn

This is a set of Linux binary exploitation tasks for beginners on various architectures. The tasks are designed to be solved using a suggested approach, even if there are other easier ways. The tasks assume a dynamically linked libc with a known binary and require the use of ROP Return-Oriented...

CVE-2025-42947

SAP FICA ODN framework allows a high privileged user to inject value inside the local variable which can then be executed by the application. An attacker could thereby control the behaviour of the application causing high impact on integrity, low impact on availability and no impact on...

D-Link DIR-816L Command Injection Vulnerability

The D-Link DIR-816L is a wireless router from China's AUO D-Link. A command injection vulnerability exists in the D-Link DIR-816L 2.06B01 and earlier versions, which stems from the lxmldbcsystem function in the environment variable handling component failing to properly filter construct command...