Lucene search
K

20 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:13 a.m.251 views

Security Bulletin: Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Summary Cloud Pak for Security CP4S v1.8.1.0 and earlier uses packages that are vulnerable to several CVEs. These have been remediated in the latest product release. Please see below for CVE details and the Remediation section for upgrade instructions. Vulnerability Details CVEID:CVE-2015-8985...

9.3CVSS9.9AI score0.03896EPSS
Exploits6Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2017-18018

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX -R -L options...

7.1CVSS5.7AI score0.00348EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.25 views

RHEL 7 : coreutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - coreutils: memory corruption flaw in parsedatetime CVE-2014-9471 - coreutils: Non-privileged session can...

6.5CVSS6.6AI score0.07087EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.20 views

RHEL 4 : coreutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - coreutils: race condition vulnerability in chown and chgrp CVE-2017-18018 Note that Nessus has not tested for this...

7.3AI score0.00348EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2024/05/11 12:0 a.m.30 views

RHEL 7 : coreutils (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - coreutils: Non-privileged session can escape to the parent session in chroot CVE-2016-2781 - In GNU...

5.8AI score0.00428EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.13 views

Mageia: Security Advisory (MGASA-2019-0022)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS5.3AI score0.02515EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2020/04/16 12:0 a.m.36 views

EulerOS Virtualization 3.0.2.2 : coreutils (EulerOS-SA-2020-1484)

According to the version of the coreutils package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during...

7.1CVSS5.8AI score0.00348EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/04/16 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for coreutils (EulerOS-SA-2020-1484)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS5.2AI score0.00348EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/03/13 12:0 a.m.49 views

Huawei EulerOS: Security Advisory for coreutils (EulerOS-SA-2020-1194)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS5.2AI score0.00348EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/03/13 12:0 a.m.29 views

EulerOS Virtualization for ARM 64 3.0.2.0 : coreutils (EulerOS-SA-2020-1194)

According to the version of the coreutils package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a...

7.1CVSS5.8AI score0.00348EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.24 views

Huawei EulerOS: Security Advisory for coreutils (EulerOS-SA-2019-2134)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS5.2AI score0.00348EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.14 views

Huawei EulerOS: Security Advisory for coreutils (EulerOS-SA-2019-2563)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS5.2AI score0.00348EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.19 views

Huawei EulerOS: Security Advisory for coreutils (EulerOS-SA-2019-2333)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS5.2AI score0.00348EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/12/19 12:0 a.m.41 views

EulerOS 2.0 SP3 : coreutils (EulerOS-SA-2019-2563)

According to the version of the coreutils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSI...

7.1CVSS5.9AI score0.00348EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/12/10 12:0 a.m.26 views

EulerOS 2.0 SP2 : coreutils (EulerOS-SA-2019-2417)

According to the version of the coreutils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSI...

7.1CVSS5.9AI score0.00348EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2019/11/12 12:0 a.m.26 views

EulerOS 2.0 SP5 : coreutils (EulerOS-SA-2019-2134)

According to the version of the coreutils package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSI...

7.1CVSS5.9AI score0.00348EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2018/01/31 12:0 a.m.22 views

Fedora 27 : coreutils (2018-669520d2ba)

doc: warn about following symlinks recursively in chown/chgrp CVE-2017-18018 - mv -n: do not overwrite the destination - mv -n: provide more reliable diagnostic messages Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system...

7.1CVSS5.6AI score0.00348EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2018/01/04 4:0 a.m.2 views

CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

4.8AI score0.00348EPSS
Exploits1References1
CVE
CVE
added 2018/01/04 4:0 a.m.107 views

CVE-2017-18018

CVE-2017-18018 affects GNU Coreutils up to version 8.29, where chown-core.c in chown/chgrp fails to prevent replacing a plain file with a symlink when using POSIX -R -L, enabling a local user to modify ownership of arbitrary files via a race. IBM/CP4S remediation applies: Cloud Pak for Security i...

7.1CVSS4.6AI score0.00348EPSS
Exploits1References1Affected Software1
Debian CVE
Debian CVE
added 2018/01/04 4:0 a.m.76 views

CVE-2017-18018

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition...

7.1CVSS5AI score0.00348EPSS
Exploits1
Rows per page
Query Builder