25 matches found
EUVD-2012-2284
Malware in sbrugna...
CVE-2012-2291
EMC Avamar Client 4.x, 5.x, and 6.x on HP-UX and Mac OS X, and the EMC Avamar plugin 4.x, 5.x, and 6.x for Oracle, uses world-writable permissions for cache directories, which allows local users to gain privileges via an unspecified symlink attack...
workflow-cps-global-lib: Sandbox bypass vulnerability
A flaw was found in Jenkins. The Pipeline: Shared Groovy Libraries plugin uses the names of Pipeline libraries to create cache directories without any sanitization. This flaw allows attackers with item/configure permission to execute arbitrary code in the context of the Jenkins controller JVM,...
CVE-2022-25183
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using...
CVE-2022-25183
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using...
CVE-2022-25183
Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using...
CVE-2021-23827
Keybase Desktop Client before 5.6.0 on Windows and macOS, and before 5.6.1 on Linux, allows an attacker to obtain potentially sensitive media such as private pictures in the Cache and uploadtemps directories. It fails to effectively clear cached pictures, even after deletion via normal methodolog...
Privilege Escalation And Arbitrary Code Execution
doctrine/phpcr-odm is vulnerable to privilege escalation and arbitrary code execution. The vulnerability exists due to incorrect writable permissions in cache directories, allowing local attackers to escalate privileges and/or execute arbitrary code...
Security update for texlive-filesystem (moderate)
openSUSE Security Update: Security update for texlive-filesystem Announcement ID: openSUSE-SU-2020:0368-1 Rating: moderate References: 1150556 1155381 1158910 1159740 Affected Products: openSUSE Leap 15.1 An update that contains security fixes can now be installed. Description: This update for...
OPENSUSE-SU-2020:0057-1 Security update for singularity
This update for singularity fixes the following issues: - CVE-2019-19724: Fixed incorrect file permissions on user configuration and cache directories boo1159550...
Design/Logic Flaw
The Subscription Manager package aka subscription-manager before 1.17.7-1 for Candlepin uses weak permissions 755 for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories...
CVE-2016-4455
The Subscription Manager package aka subscription-manager before 1.17.7-1 for Candlepin uses weak permissions 755 for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories...
CVE-2016-4455
The Subscription Manager package aka subscription-manager before 1.17.7-1 for Candlepin uses weak permissions 755 for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories...
CVE-2016-4455
The Subscription Manager package aka subscription-manager before 1.17.7-1 for Candlepin uses weak permissions 755 for subscription-manager cache directories, which allows local users to obtain sensitive information by reading files in the directories...
DEBIAN-CVE-2015-5723
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...
CVE-2015-5723
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...
CVE-2015-5723
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...
CVE-2015-5723
CVE-2015-5723 affects multiple Doctrine projects (Annotations <1.2.7; Cache <1.3.2 and 1.4.x <1.4.2; Common <2.4.3 and 2.5.x <2.5.1; ORM <2.4.8 or 2.5.x <2.5.1; MongoDB ODM <1.0.2; MongoDB ODM Bundle
CVE-2015-5723
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...
CVE-2015-5723
Doctrine Annotations before 1.2.7, Cache before 1.3.2 and 1.4.x before 1.4.2, Common before 2.4.3 and 2.5.x before 2.5.1, ORM before 2.4.8 or 2.5.x before 2.5.1, MongoDB ODM before 1.0.2, and MongoDB ODM Bundle before 3.0.1 use world-writable permissions for cache directories, which allows local...