Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2020/03/31 12:0 a.m.50 views

Ubuntu 19.10 : Timeshift vulnerability (USN-4312-1)

Matthias Gerstner discovered that Timeshift did not securely create temporary files. An attacker could exploit a race condition in Timeshift and potentially execute arbitrary commands as root. Note that Tenable Network Security has extracted the preceding description block directly from the Ubunt...

7CVSS7.3AI score0.0028EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/03/25 12:0 a.m.25 views

Fedora 30 : timeshift (2020-1050d60507)

Security fix for CVE-2020-10174 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

7CVSS6.9AI score0.0028EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/03/24 12:0 a.m.29 views

Fedora 31 : timeshift (2020-6b3ae09449)

Security fix for CVE-2020-10174 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. C Tenable Network...

7CVSS6.9AI score0.0028EPSS
Exploits0References2
OSV
OSV
added 2020/03/05 4:15 p.m.20 views

CVE-2020-10174

inittmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scripts under this...

7CVSS6.5AI score
Exploits0References8
Cvelist
Cvelist
added 2020/03/05 3:28 p.m.32 views

CVE-2020-10174

inittmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scripts under this...

6.6AI score0.0028EPSS
Exploits0References8
CVE
CVE
added 2020/03/05 3:28 p.m.77 views

CVE-2020-10174

CVE-2020-10174 affects Timeshift prior to 20.03, where init_tmp reuses a preexisting /tmp/timeshift directory and may follow symlinks or use directories owned by unprivileged users. The resulting race condition can allow an attacker to replace Timeshift-created scripts with attacker-controlled sc...

7CVSS6.5AI score0.0028EPSS
Exploits0References8Affected Software1
Debian CVE
Debian CVE
added 2020/03/05 3:28 p.m.18 views

CVE-2020-10174

inittmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scripts under this...

7CVSS6.7AI score0.0028EPSS
Exploits0
Rows per page
Query Builder