Salvatore Sanfilippo - Security Researcher - Exploit Intelligence Platform

CVE-2025-9810 WRITEUP MEDIUM WRITEUP

linenoise - Time-of-check Time-of-use Race Condition in linenoiseHistorySave

TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod() on the same path.

CVSS 6.8

View Code

CVE-2025-9810 WRITEUP MEDIUM WRITEUP

linenoise - Time-of-check Time-of-use Race Condition in linenoiseHistorySave

TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod() on the same path.

CVSS 6.8

View Code

CVE-2001-1009 EXPLOITDB c WORKING POC

fetchmail < 5.8.17 - Memory Corruption via Negative LIST Response Index

Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.

View Code

CVE-2001-1009 EXPLOITDB c WORKING POC

fetchmail < 5.8.17 - Memory Corruption via Negative LIST Response Index

Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.

View Code