8 matches found
MiracleLinux 8 : php:7.3 (AXSA:2020-779:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-779:01 advisory. php: Out-of-bounds read due to integer overflow in iconvmimedecodeheaders CVE-2019-11039 php: Buffer over-read in exifreaddata CVE-2019-11040 php:...
MiracleLinux 7 : cpio-2.11-28.el7 (AXSA:2020-579:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-579:01 advisory. CVE-2019-14866 In all versions of cpio before 2.13 does not properly validate input files when generating TAR archives. When cpio is used to create TAR archiv...
CVE-2005-2212
Backup Manager 0.5.8a creates an archive repository with world readable and writable permissions, which allows attackers to modify or read the repository...
CVE-2020-7063 Files added to tar with Phar::buildFromIterator have all-access permissions
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator function, the files are added with default permissions 0666, or all access even if the original files on the filesystem were with more restrictive permissions...
sosreport information disclosure vulnerability
sosreport is a set of tools for collecting log information on all systems. The tool supports automatic zipping of the collected information into a compressed package and provides MD5 checksums. A security vulnerability exists in sosreport version 3.2, which stems from the program assigning weak...
DEBIAN-CVE-2015-3171
sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive...
UBUNTU-CVE-2015-3171
sosreport 3.2 uses weak permissions for generated sosreport archives, which allows local users with access to /var/tmp/ to obtain sensitive information by reading the contents of the archive...
DEBIAN-CVE-2014-4200
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive...