Unity Linux 20.1070e Security Update: festival (UTSA-2026-016710)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016710 advisory. festivalserver in Centre for Speech Technology Research CSTR Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LDLIBRARYPATH,...

EUVD-2010-3349

Malware in sbrugna...

EUVD-2010-3361

Malware in sbrugna...

EUVD-2010-3976

Malware in sbrugna...

EUVD-2010-3391

Malware in sbrugna...

EUVD-2010-3384

Malware in sbrugna...

EUVD-2010-3360

Malware in sbrugna...

EUVD-2010-3376

Malware in sbrugna...

EUVD-2012-3353

Malware in sbrugna...

EUVD-2010-3362

Malware in sbrugna...

EUVD-2010-3981

Malware in sbrugna...

EUVD-2010-3359

Malware in sbrugna...

EUVD-2010-3375

Malware in sbrugna...

EUVD-2010-3972

Malware in sbrugna...

EUVD-2010-3363

Malware in sbrugna...

EUVD-2010-3382

Malware in sbrugna...

sfcb in sblim-sfcb places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.

...

envvars (aka envvars-std) in the Apache HTTP Server before 2.4.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse DSO in the current working directory during execution of apachectl.

...

CVE-2010-3393

magics-config in Magics++ 2.10.0 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...

CVE-2010-3362

lastfm 1.5.4 places a zero-length directory name in the LDLIBRARYPATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory...