SUSE: Security Advisory (SUSE-SU-2023:0116-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0117-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important: sudo security update

The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: arbitrary file write with privileges of...

RHEL 7 : rh-nodejs10-nodejs (RHSA-2020:0597)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0597 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

RHEL 7 : rh-nodejs12-nodejs (RHSA-2020:0602)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0602 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...

Command Injection

froxlor/froxlor is vulnerable to Command Injection. The vulnerability is due to an Arbitrary File Write in the logging module which allows an attacker to overwrite an arbitrary file, and Template Injection. A remote authenticated attacker can chain these vulnerabilities together, resulting in...

SUSE-SU-2023:0117-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082. Other fixes: - Fixed a potential crash while using the sssd plugin bsc1206170...

SUSE-SU-2023:0116-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082. Other fixes: - Fixed a potential crash while using the sssd plugin bsc1206170...

SUSE-SU-2023:0115-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

SUSE-SU-2023:0114-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

SUSE: Security Advisory (SUSE-SU-2023:0100-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:0101-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE-SU-2023:0101-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

SUSE-SU-2023:0100-1 Security update for sudo

This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...

Auth0 JsonWebtoken < 9.0.0 Arbitrary File Write (deprecated)

This plugin has been deprecated because CVE-2022-23529 has been rejected, and this is no longer considered a vulnerability %NASLMINLEVEL 80900 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/02/24. Deprecated because the asscociated CCVE was rejected. This is no longer considered a...

Cisco TelePresence CE Arbitrary File Write (cisco-sa-roomos-trav-beFvCcyu)

According to its self-reported version, Cisco TelePresence Collaboration Endpoint Software is affected by an arbitrary file write vulnerability. Due to improper access controls on files in the that are in the local system, a local attacker can place a symbolic link in a specific location in the...

jenkins-plugin: Arbitrary file write vulnerability in Pipeline Input Step Plugin

A flaw was found in the Pipeline Input Step Plugin. This issue affects the code of the component Archive File Handler. The manipulation of the argument file with a malicious input leads to a directory traversal vulnerability...

Froxlor 2.0.6 Remote Command Execution via Arbitrary File Write and Server Side Template Injection

Description Froxlor 2.0.6 Stable is suffering from Remote Command Execution that was achieved by chaining two bugs, the first one is an arbitrary file write on the logging feature, which allows an authenticated attacker to point the log file to any writable path even if it was the web server...

PT-2023-1605

Name of the Vulnerable Software and Affected Versions Windows versions prior to the January 2023 Patch Tuesday Description The issue is related to the implementation of the NT LAN Manager NTLM protocol in Windows operating systems, which is associated with insufficient access restrictions...

CVE-2022-4884

Path-Traversal in MKP storing in Tribe29 Checkmk =2.0.0p32 and = 2.1.0p18 allows an administrator to write mkp files to arbitrary locations via a malicious mkp file...