Lucene search
+L

4 matches found

OpenVAS
OpenVAS
added 2019/07/29 12:0 a.m.64 views

Fedora Update for dtkcore FEDORA-2019-3d418f349c

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7CVSS5.6AI score0.00443EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2019/07/29 12:0 a.m.33 views

Fedora 30 : deepin-clone / dtkcore / dtkwidget (2019-3d418f349c)

Security fix for CVE-2019-13228, CVE-2019-13229, CVE-2019-13227, CVE-2019-13226. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...

7CVSS5.6AI score0.00443EPSS
Exploits0References5
NVD
NVD
added 2019/07/04 12:15 p.m.22 views

CVE-2019-13228

deepin-clone before 1.1.3 uses a fixed path /tmp/repo.iso in the BootDoctor::fix function to download an ISO file, and follows symlinks there. An unprivileged user can prepare a symlink attack there to create or overwrite files in arbitrary file system locations. The content is not attacker...

6.6CVSS5.5AI score0.00386EPSS
Exploits0References4
CVE
CVE
added 2019/07/04 11:33 a.m.51 views

CVE-2019-13228

Per the provided documents, CVE-2019-13228 affects the Deepin tool deepin-clone prior to version 1.1.3, which uses a fixed path /tmp/repo.iso in BootDoctor::fix() and follows symlinks. This enables a local attacker to leverage a symlink race to replace /tmp/repo.iso with an attacker-controlled IS...

6.6CVSS5.6AI score0.00386EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder