A dependency confusion in pipreqs v0.3.0 to v0.4.11 allows attackers to execute arbitrary code via uploading a crafted PyPI package to the chosen repository server.
July 01, 2023
The Malwarebytes EDR 1.0.11 for Linux driver doesn't properly ensure whitelisting of executable libraries loaded by executable files, allowing arbitrary code execution. The attacker can set LD_LIBRARY ...
July 01, 2023
Malwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '' character.
July 01, 2023
In Malwarebytes EDR 1.0.11 for Linux, it is possible to bypass the detection layers that depend on inode identifiers, because an identifier may be reused when a file is replaced, and because two files ...
July 01, 2023
Gradle is a build tool with a focus on build automation and support for multi-language development. In affected versions when unpacking Tar archives, Gradle did not check that files could be written o ...
July 01, 2023
Gradle is a build tool with a focus on build automation and support for multi-language development. When Gradle writes a dependency into its dependency cache, it uses the dependency's coordinates ...
July 01, 2023
A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel's IPv6 functionality when a user makes a new kind of SYN flood attack. A user located in the local network ...
July 01, 2023
Improper Neutralization of Formula Elements in a CSV File in GitHub repository fossbilling/fossbilling prior to...
July 01, 2023