Lucene search
K

6886 matches found

Tenable Nessus
Tenable Nessus
added 2019/08/20 12:0 a.m.23 views

openSUSE Security Update : nodejs8 (openSUSE-2019-1907)

This update for nodejs8 fixes the following issues : Security issue fixed : - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed : - Backported fixes for OpenSSL 1.1.1 from nodejs8 bsc1134209. This update was imported from the...

7.5CVSS7.9AI score0.02781EPSS
Exploits0References3
OSV
OSV
added 2019/08/19 2:53 p.m.5 views

SUSE-SU-2019:2181-1 Security update for nodejs6

This update for nodejs6 fixes the following issues: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290...

7.5CVSS7.5AI score0.02781EPSS
Exploits0References3
Veracode
Veracode
added 2019/08/19 6:53 a.m.20 views

Unauthorized File Overwrite

github.com/cnlh/nps is vulnerable to unauthorized file overwrite. The permission for /usr/local/bin/nps and/or /usr/bin/nps is 0777 instead of 0755, allowing a local user to perform an unauthorized file overwriting...

5.5CVSS2.6AI score0.00955EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2019/08/16 3:15 p.m.25 views

CVE-2019-15119

lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user...

5.8CVSS5.4AI score0.00955EPSS
Exploits1References2
OSV
OSV
added 2019/08/16 3:15 p.m.17 views

CVE-2019-15119

lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user...

5.5CVSS6.6AI score
Exploits0References2
Prion
Prion
added 2019/08/16 3:15 p.m.16 views

Design/Logic Flaw

lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user...

5.8CVSS5.4AI score0.00955EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2019/08/16 2:2 p.m.163 views

CVE-2019-15119

CVE-2019-15119 affects cnlh/nps prior to 0.23.2 where install.go sets 0777 on /usr/local/bin/nps and/or /usr/bin/nps, enabling a local user to overwrite the file. Connected records corroborate the issue details (world-writable binaries and local overwrite risk). Exploitation details, affected ver...

5.8CVSS5.3AI score0.00955EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2019/08/16 2:2 p.m.27 views

CVE-2019-15119

lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user...

5.4AI score0.00955EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2019/08/16 12:0 a.m.18 views

openSUSE: Security Advisory for nodejs8 (openSUSE-SU-2019:1907-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.7AI score0.02781EPSS
Exploits0References2
CVE
CVE
added 2019/08/15 6:58 p.m.124 views

CVE-2019-3974

CVE-2019-3974 affects Tenable Nessus on Windows (versions 8.5.2 and earlier). The issue allows arbitrary overwriting of certain system files, potentially causing a denial-of-service condition. Root cause: file overwrite flaw in Nessus’ Windows file handling. Affected product/version per sources: ...

8.5CVSS7.9AI score0.01818EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2019/08/15 9:43 a.m.4 views

OPENSUSE-SU-2019:1907-1 Security update for nodejs8

This update for nodejs8 fixes the following issues: Security issue fixed: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed: - Backported fixes for OpenSSL 1.1.1 from nodejs8 bsc1134209. This update was imported from the...

7.5CVSS7.4AI score0.02781EPSS
Exploits0References4
OPENSUSE Linux
OPENSUSE Linux
added 2019/08/15 12:0 a.m.63 views

Security update for icedtea-web (important)

openSUSE Security Update: Security update for icedtea-web Announcement ID: openSUSE-SU-2019:1911-1 Rating: important References: 1142825 1142832 1142835 Cross-References: CVE-2019-10181 CVE-2019-10182 CVE-2019-10185 Affected Products: openSUSE Leap 15.0 An update that fixes three vulnerabilities ...

8.6CVSS8.2AI score0.04022EPSS
Exploits0References3
OPENSUSE Linux
OPENSUSE Linux
added 2019/08/15 12:0 a.m.56 views

Security update for nodejs8 (important)

openSUSE Security Update: Security update for nodejs8 Announcement ID: openSUSE-SU-2019:1907-1 Rating: important References: 1134209 1140290 Cross-References: CVE-2019-13173 Affected Products: openSUSE Leap 15.1 openSUSE Leap 15.0 An update that solves one vulnerability and has one errata is now...

7.5CVSS7.5AI score0.02781EPSS
Exploits0References2
CNVD
CNVD
added 2019/08/14 12:0 a.m.2 views

Tenable Network Security Nessus Access Control Error Vulnerability

Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security, USA. An Access Control Error vulnerability exists in versions 8.5.2 and earlier of Tenable Network Security Nessus for Windows-based platforms, which can be exploited by an attacker to...

8.5CVSS6.7AI score0.01818EPSS
Exploits0References1
Tenable Product Security Advisories
Tenable Product Security Advisories
added 2019/08/13 9:25 p.m.64 views

[R1] Nessus 8.6.0 Fixes One Vulnerability

Nessus versions 8.5.2 and earlier on Windows platforms were found to contain a flaw where certain files could be overwritten arbitrarily. An authenticated, remote attacker could potentially exploit this vulnerability to create a denial of service condition...

6.8AI score
Exploits0
OSV
OSV
added 2019/08/12 4:13 p.m.4 views

OPENSUSE-SU-2019:1846-1 Security update for nodejs10

This update for nodejs10 to version 10.16.0 fixes the following issues: Security issue fixed: - CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed: - Update to new upstream LTS version 10.16.0, including npm version 6.9.0 and...

7.5CVSS7.6AI score0.02781EPSS
Exploits0References4
Hacker One
Hacker One
added 2019/08/12 7:29 a.m.18 views

Mail.ru: Avatar upload allows arbitrary file overwriting

Directory traversal via filename extension for avatar upload allowed to overwrite arbitrary files in S3-compatible bucket for static files in pandao.ru. Pandao.ru belongs to extended scope...

4.6AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2019/08/12 12:0 a.m.64 views

Security update for nodejs10 (important)

openSUSE Security Update: Security update for nodejs10 Announcement ID: openSUSE-SU-2019:1846-1 Rating: important References: 1134208 1140290 Cross-References: CVE-2019-13173 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has one errata is now available...

7.5CVSS7.7AI score0.02781EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.47 views

RHEL 8 : icedtea-web (RHSA-2019:2004)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2004 advisory. The IcedTea-Web project provides a Java web browser plug-in and an implementation of Java Web Start, which is based on the Netx project. It...

8.6CVSS7.6AI score0.04022EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2019/08/12 12:0 a.m.24 views

SUSE SLES12 Security Update : nodejs10 (SUSE-SU-2019:2099-1)

This update for nodejs10 to version 10.16.0 fixes the following issues : Security issue fixed : CVE-2019-13173: Fixed a potential file overwrite via hardlink in fstream.DirWriter bsc1140290. Non-security issue fixed: Update to new upstream LTS version 10.16.0, including npm version 6.9.0 and...

7.5CVSS7.9AI score0.02781EPSS
Exploits0References5
Rows per page
Query Builder