7192 matches found
Important: sudo security update
The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. Security Fixes: sudo: arbitrary file write with privileges of...
RHEL 7 : rh-nodejs10-nodejs (RHSA-2020:0597)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0597 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. The...
RHEL 8 : sudo (RHSA-2023:0280)
The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2023:0280 advisory. The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged...
SUSE: Security Advisory (SUSE-SU-2023:0117-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:0115-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:0114-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:0116-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Command Injection
froxlor/froxlor is vulnerable to Command Injection. The vulnerability is due to an Arbitrary File Write in the logging module which allows an attacker to overwrite an arbitrary file, and Template Injection. A remote authenticated attacker can chain these vulnerabilities together, resulting in...
SUSE-SU-2023:0117-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082. Other fixes: - Fixed a potential crash while using the sssd plugin bsc1206170...
SUSE-SU-2023:0116-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082. Other fixes: - Fixed a potential crash while using the sssd plugin bsc1206170...
SUSE-SU-2023:0115-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...
SUSE-SU-2023:0114-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...
SUSE: Security Advisory (SUSE-SU-2023:0100-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:0101-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2023:0101-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...
SUSE-SU-2023:0100-1 Security update for sudo
This update for sudo fixes the following issues: - CVE-2023-22809: Fixed an arbitrary file write issue that could be exploited by users with sudoedit permissions bsc1207082...
CVE-2022-46660
An unauthorized user could alter or write files with full control over the path and content of the file...
Auth0 JsonWebtoken < 9.0.0 Arbitrary File Write (deprecated)
This plugin has been deprecated because CVE-2022-23529 has been rejected, and this is no longer considered a vulnerability %NASLMINLEVEL 80900 C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2023/02/24. Deprecated because the asscociated CCVE was rejected. This is no longer considered a...
Cisco TelePresence CE Arbitrary File Write (cisco-sa-roomos-trav-beFvCcyu)
According to its self-reported version, Cisco TelePresence Collaboration Endpoint Software is affected by an arbitrary file write vulnerability. Due to improper access controls on files in the that are in the local system, a local attacker can place a symbolic link in a specific location in the...
jenkins-plugin: Arbitrary file write vulnerability in Pipeline Input Step Plugin
A flaw was found in the Pipeline Input Step Plugin. This issue affects the code of the component Archive File Handler. The manipulation of the argument file with a malicious input leads to a directory traversal vulnerability...