Lucene search
K

22 matches found

OSV
OSV
added 2026/05/07 5:6 a.m.10 views

MGASA-2026-0121 Updated nano packages fix security vulnerabilities

Local attacker can inject malicious .desktop launcher due to insecure directory permissions. CVE-2026-6842 Format string vulnerability leads to denial of service. CVE-2026-6843...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References3
Mageia
Mageia
added 2026/05/07 5:6 a.m.11 views

Updated nano packages fix security vulnerabilities

Local attacker can inject malicious .desktop launcher due to insecure directory permissions. CVE-2026-6842 Format string vulnerability leads to denial of service. CVE-2026-6843...

5.5CVSS5.8AI score0.00108EPSS
Exploits0References2
OSV
OSV
added 2026/05/03 9:56 a.m.7 views

OESA-2026-2160 nano security update

Nano is a tiny GNU editor Security Fixes: A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which...

5.5CVSS5.7AI score0.00108EPSS
Exploits0References3
Microsoft CVE
Microsoft CVE
added 2026/05/03 8:2 a.m.12 views

Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions

...

2.5CVSS5.8AI score0.00085EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/28 1:45 a.m.7 views

SUSE CVE-2026-6842

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5CVSS5.3AI score0.00085EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/22 9:31 a.m.4 views

EUVD-2026-24633

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5CVSS5.7AI score0.00085EPSS
Exploits0References3
NVD
NVD
added 2026/04/22 8:16 a.m.6 views

CVE-2026-6842

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5CVSS0.00085EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/22 7:34 a.m.4 views

CVE-2026-6842 Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5CVSS5.7AI score0.00085EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/22 7:34 a.m.3 views

CVE-2026-6842

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5CVSS5.7AI score0.00085EPSS
Exploits0References3
CVE
CVE
added 2026/04/22 7:34 a.m.15 views

CVE-2026-6842

In Nano, a local attacker can exploit insecure directory permissions in environments with permissive umask settings. Specifically, overly permissive 0777 permissions on ~/.local allow injection of a malicious .desktop launcher, which could trigger unintended actions or information disclosure when...

2.5CVSS5.7AI score0.00085EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/22 7:34 a.m.57 views

CVE-2026-6842 Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5CVSS0.00085EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/22 7:34 a.m.4 views

CVE-2026-6842

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5CVSS5.8AI score0.00085EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.7 views

PT-2026-34267

Name of the Vulnerable Software and Affected Versions nano affected versions not specified Description A flaw exists where incorrect directory permissions are applied to the /.local directory, setting them to 0777 instead of 0700 in environments with permissive umask settings. A local attacker ca...

2.5CVSS5.8AI score0.00085EPSS
Exploits0References26
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-4780

Malware in sbrugna...

9.8CVSS9.5AI score0.01191EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2020/01/24 6:35 a.m.22 views

Security Bulletin: Multiple Vulnerabilities Have Been Identified In IBM Security Secret Server

Summary Multiple vulnerabilities identified on IBM Security Secret Server have been addressed in the release 10.7.000059. Vulnerability Details CVEID: CVE-2012-5662 DESCRIPTION: x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name CN ...

9.8CVSS0.9AI score0.01191EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2018/04/10 12:0 a.m.31 views

Thycotic Secret Server Credentials Disclosure Vulnerability

The Remote Desktop Launcher in Thycotic Secret Server does not properly cleanup a temporary file that contains an encrypted password once a session has ended. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...

9.8CVSS9.8AI score0.01191EPSS
Exploits0References1
CNVD
CNVD
added 2018/03/14 12:0 a.m.1 views

Thycotic Secret Server Remote Desktop Launcher Remote Desktop Launch Vulnerability

Thycotic Secret Server is a suite of password protection software from Thycotic, Inc. Remote Desktop Launcher is one of the remote desktop launchers. A security vulnerability exists in Remote Desktop Launcher in versions of Thycotic Secret Server prior to 8.6.000010, which stems from the program...

9.8CVSS7.2AI score0.01191EPSS
Exploits0References1
NVD
NVD
added 2018/03/09 8:29 p.m.16 views

CVE-2014-4861

The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended...

9.8CVSS9.6AI score0.01191EPSS
Exploits0References1
Prion
Prion
added 2018/03/09 8:29 p.m.16 views

Default credentials

The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended...

7.5CVSS7.3AI score0.01191EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/03/09 8:0 p.m.20 views

CVE-2014-4861

The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended...

9.7AI score0.01191EPSS
Exploits0References1
Rows per page
Query Builder