23 matches found
CVE-2025-68462
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases...
EUVD-2025-204034
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases...
CVE-2025-68462
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases...
CVE-2025-68462
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases...
UBUNTU-CVE-2025-68462
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases...
CVE-2025-68462
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases...
CVE-2025-68462
CVE-2025-68462 affects Freedombox prior to 25.17.1. The vulnerability arises from improper permissions on the backups-data directory, which can allow reading of database dump files stored there. The CVSS baseline indicates a local attack with high complexity and no privileges required, yielding a...
Freedombox 安全漏洞
Freedombox is a Debian-based freeware home server operating system. A security vulnerability exists in Freedombox versions prior to 25.17.1 that stems from improperly set permissions on the backup data directory, which could result in database dump files being read...
Linux Distros Unpatched Vulnerability : CVE-2025-68462
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases. CVE-2025-68462 Note...
PT-2025-51993
Name of the Vulnerable Software and Affected Versions Freedombox versions prior to 25.17.1 Description Freedombox versions prior to 25.17.1 do not establish appropriate permissions for the backups-data directory. This allows unauthorized access to database dump files. Recommendations Update to...
EUVD-2020-17766
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-25073
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection fr...
CVE-2020-25073
FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service or from PageKite is considered a local connection. This affects both the freedombox and plinth packages of some...
CVE-2020-25073
FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service or from PageKite is considered a local connection. This affects both the freedombox and plinth packages of some...
CVE-2020-25073
FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service or from PageKite is considered a local connection. This affects both the freedombox and plinth packages of some...
CVE-2020-25073
FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service or from PageKite is considered a local connection. This affects both the freedombox and plinth packages of some...
UBUNTU-CVE-2020-25073
FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service or from PageKite is considered a local connection. This affects both the freedombox and plinth packages of some...
Code injection
FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service or from PageKite is considered a local connection. This affects both the freedombox and plinth packages of some...
CVE-2020-25073
Removed by vendor...
CVE-2020-25073
FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service or from PageKite is considered a local connection. This affects both the freedombox and plinth packages of some...