452 matches found
nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
USN-7064-2 nano vulnerability
USN-7064-1 fixed a vulnerability in nano. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions grante...
Fortinet FortiClient Insecure Temporary File (CWE-377) vulnerability (FG-IR-20-040)
The version of FortiClient installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-20-040 advisory. - An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a local user to gain elevat...
CVE-2024-10372
A vulnerability classified as problematic was found in chidiwilliams buzz 1.1.0. This vulnerability affects the function downloadmodel of the file buzz/modelloader.py. The manipulation leads to insecure temporary file. It is possible to launch the attack on the local host. The complexity of an...
CVE-2024-10372
CVE-2024-10372 — chidiwilliams buzz 1.1.0 is affected through the function download_model in buzz/model_loader.py, where misuse creates an insecure temporary file. Attacks can be launched locally with high attack complexity and minimal privileges, and the vulnerability has been publicly disclosed...
Buzz 安全漏洞
Buzz is a tool by the individual developer Chidi Williams. It is used to transcribe and translate audio offline on a personal computer. A security vulnerability exists in Buzz version 1.1.0, which stems from a function downloadmodel in the file buzz/modelloader.py that results in an insecure...
PT-2024-16226 · Unknown · Chidiwilliams Buzz
Name of the Vulnerable Software and Affected Versions: chidiwilliams buzz version 1.1.0 Description: A problematic vulnerability was found in the download model function of the buzz/model loader.py file. This issue leads to an insecure temporary file and can be exploited locally, with a high...
USN-7064-1 nano vulnerability
It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano was killed while editing, the permissions granted to the emergency save file could be used by an attacker to escalate privileges using a malicious symlink...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS : nano vulnerability (USN-7064-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7064-1 advisory. It was discovered that nano allowed a possible privilege escalation through an insecure temporary file. If nano wa...
nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
Advisory ROSA-SA-2024-2461
software: grub2 2.06 WASP: ROSA-CHROME packageevrstring: grub2-2.06-20 CVE-ID: CVE-2022-2601 BDU-ID: 2022-06819 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the grubfontconstructglyph function of the Grub2 operating systems loader is related to an operation exceeding buffer boundaries in memory...
Updated nano packages fix security vulnerability
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
AZL-42612 CVE-2024-5742 affecting package nano for versions less than 6.4-2
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
AZL-42619 CVE-2024-5742 affecting package nano for versions less than 6.0-3
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
CVE-2024-5742
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
DEBIAN-CVE-2024-5742
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
CVE-2024-5742 Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
CVE-2024-5742 Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privilege...
RHEL 5 : iproute (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - iproute: multiple insecure temporary file use issues CVE-2012-1088 Note that Nessus has not tested for this issue b...
RHEL 4 : foomatic (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - foomatic: foomatic-rip debug mode insecure temporary file use in renderer command line by processing...