
12 matches found

ATTACKERKB
added 2026/05/18 7:3 p.m., 5 views

CVE-2026-45246

Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default filesystem permissions. When the refresh-free path rewrites the configuration file, it creates th...

CVSS 6.8, AI score 5.8, EPSS 0.0001
Exploits 1, References 5
RedhatCVE
added 2026/03/26 3:10 p.m., 0 views

CVE-2026-32810

Halloy is an IRC application written in Rust. In versions on *nix and macOS prior to commit f180e41061db393acf65bc99f5c5e7397586d9cb, halloy creates its config directory and files using default umask permissions, which typically results in 0644 on files and 0755 on directories. This allows any...

CVSS 5.5, AI score 5.8, EPSS 0.00005
Exploits 1, References 1
SUSE CVE
added 2026/03/24 12:24 a.m., 2 views

SUSE CVE-2026-32810

Halloy is an IRC application written in Rust. In versions on *nix and macOS prior to commit f180e41061db393acf65bc99f5c5e7397586d9cb, halloy creates its config directory and files using default umask permissions, which typically results in 0644 on files and 0755 on directories. This allows any...

CVSS 5.5, AI score 5.9, EPSS 0.00005
Exploits 1, References 3
Vulnrichment
added 2026/03/20 10:40 p.m., 2 views

CVE-2026-32810 Halloy has insecure file permissions on credential files

Halloy is an IRC application written in Rust. In versions on *nix and macOS prior to commit f180e41061db393acf65bc99f5c5e7397586d9cb, halloy creates its config directory and files using default umask permissions, which typically results in 0644 on files and 0755 on directories. This allows any...

CVSS 4.8, AI score 5.8, EPSS 0.00005
Exploits 1, References 2
EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2001-1303

Malware in sbrugna...

CVSS 3.6, AI score 6.4, EPSS 0.00104
Exploits 0, References 11
Tenable Nessus
added 2017/05/17 12:0 a.m., 30 views

SUSE SLES12 Security Update : mariadb (SUSE-SU-2017:1311-1)

This update for mariadb fixes the following issues : - update to MariaDB 10.0.30 GA - notable changes : - XtraDB updated to 5.6.35-80.0 - TokuDB updated to 5.6.35-80.0 - PCRE updated to 8.40 - MDEV-11027: better InnoDB crash recovery progress reporting - MDEV-11520: improvements to how InnoDB dat...

CVSS 7.5, AI score 6.9, EPSS 0.025
Exploits 0, References 11
OSV
added 2017/04/28 3:34 p.m., 6 views

SUSE-SU-2017:1137-1 Security update for mysql

This update for mysql to version 5.5.55 fixes the following issues: These security issues were fixed: - CVE-2017-3308: Unspecified vulnerability in Server: DML bsc1034850 - CVE-2017-3309: Unspecified vulnerability in Server: Optimizer bsc1034850 - CVE-2017-3329: Unspecified vulnerability in Serve...

CVSS 7.7, AI score 6.8, EPSS 0.0263
Exploits 0, References 19
OSV
added 2017/04/13 12:33 a.m., 4 views

SUSE-SU-2017:0998-1 Security update for bind

This update for bind fixes the following issues: CVE-2017-3137 bsc1033467: Mistaken assumptions about the ordering of records in the answer section of a response containing CNAME or DNAME resource records could have been exploited to cause a denial of service of a bind server performing recursion...

CVSS 7.5, AI score 6.5, EPSS 0.48516
Exploits 1, References 12
Tenable Nessus
added 2004/09/04 12:0 a.m., 16 views

GLSA-200409-08 : Ruby: CGI::Session creates files insecurely

The remote host is affected by the vulnerability described in GLSA-200409-08 Ruby: CGI::Session creates files insecurely The CGI::Session::FileStore implementation and presumably CGI::Session::PStore, which allow data associated with a particular Session instance to be written to a file, writes t...

CVSS 2.1, AI score 7.2, EPSS 0.00084
Exploits 0, References 2
Tenable Nessus
added 2004/07/31 12:0 a.m., 23 views

Mandrake Linux Security Advisory : xinetd (MDKSA-2001:055-1)

A bug exists in xinetd as shipped with Mandrake Linux 8.0 dealing with TCP connections with the WAIT state that prevents linuxconf-web from working properly. As well, xinetd contains a security flaw in which it defaults to a umask of 0. This means that applications using the xinetd umask that do...

CVSS 3.6, AI score 6, EPSS 0.00104
Exploits 0, References 1
Cvelist
added 2002/06/25 4:0 a.m., 15 views

CVE-2001-1322

xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask...

AI score 6.1, EPSS 0.00104
Exploits 0, References 8
Cvelist
added 2002/03/09 5:0 a.m., 17 views

CVE-2001-0859

2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the default umask for init to 000, which installs files with world-writeable permissions...

AI score 6.4, EPSS 0.00471
Exploits 0, References 4