81 matches found
RHEL 6 : chromium-browser (RHSA-2018:2282)
The remote Redhat Enterprise Linux 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2018:2282 advisory. Chromium is an open-source web browser, powered by WebKit Blink. This update upgrades Chromium to version 68.0.3440.75. Security Fixes:...
FreeBSD : chromium -- multiple vulnerabilities (b9c525d9-9198-11e8-beba-080027ef1a23)
Google Chrome Releases reports : 42 security fixes in this release, including : - 850350 High CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-06-07 - 848914 High CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair on 2018-06-01 -...
chromium -- multiple vulnerabilities
Google Chrome Releases reports: 42 security fixes in this release, including: 850350 High CVE-2018-6153: Stack buffer overflow in Skia. Reported by Zhen Zhou of NSFOCUS Security Team on 2018-06-07 848914 High CVE-2018-6154: Heap buffer overflow in WebGL. Reported by Omair on 2018-06-01 842265 Hig...
CVE-2014-2312
The main function in androidmain.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid...
CVE-2014-1858
init.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file...
CVE-2015-5700
mktexlsr revision 22855 through revision 36625 as packaged in texlive allows local users to write to arbitrary files via a symlink attack...
CVE-2015-8697
stalin 0.11-5 allows local users to write to arbitrary files...
CVE-2015-8697
CVE-2015-8697 affects the stalin package, version 0.11-5. The available connected documents confirm that local users can write to arbitrary files due to this vulnerability. The provided material does not include root cause details, specific patches, or remediation steps. No exploit status or in-t...
CVE-2016-6089
IBM WebSphere MQ 9.0.0.1 and 9.0.2 could allow a local user to write to a file or delete files in a directory they should not have access to due to improper access controls. IBM X-Force ID: 117926...
MGASA-2017-0101 Updated munin packages fix security vulnerability
Stevie Trujillo discovered a local file write vulnerability in munin, a network-wide graphing framework, when CGI graphs are enabled. GET parameters are not properly handled, allowing to inject options into munin-cgi-graph and overwriting any file accessible by the user running the cgi-process...
Security update for munin (important)
This update for munin fixes the following issues: - An attacker has been able to write arbitrary local files with the permissions of the web server, by using parameter injection boo1026539, CVE-2017-6188 - The MySQL plugin has been fixed to work correctly against MySQL 5.5 on Leap 42.1...
[SECURITY] [DSA 3794-3] munin regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3794-3 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 03, 2017 https://www.debian.org/security/faq -...
[SECURITY] [DSA 3794-3] munin regression update
------------------------------------------------------------------------- Debian Security Advisory DSA-3794-3 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 03, 2017 https://www.debian.org/security/faq -...
Debian DSA-3794-1 : munin - security update
Stevie Trujillo discovered a local file write vulnerability in munin, a network-wide graphing framework, when CGI graphs are enabled. GET parameters are not properly handled, allowing to inject options into munin-cgi-graph and overwriting any file accessible by the user running the cgi-process...
[SECURITY] [DSA 3794-1] munin security update
------------------------------------------------------------------------- Debian Security Advisory DSA-3794-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso February 25, 2017 https://www.debian.org/security/faq -...
Munin Local File Write Vulnerability
Munin is a set of network resource monitoring tools. The tool monitors core system resources including memory, disk, CPU usage, server applications and more. A local file write vulnerability exists in Munin versions prior to 2.999.6. An attacker can exploit the vulnerability by setting multiple...
DEBIAN-CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...
UBUNTU-CVE-2017-6188
Munin before 2.999.6 has a local file write vulnerability when CGI graphs are enabled. Setting multiple upperlimit GET parameters allows overwriting any file accessible to the www-data user...