22 matches found
MGASA-2026-0121 Updated nano packages fix security vulnerabilities
Local attacker can inject malicious .desktop launcher due to insecure directory permissions. CVE-2026-6842 Format string vulnerability leads to denial of service. CVE-2026-6843...
Updated nano packages fix security vulnerabilities
Local attacker can inject malicious .desktop launcher due to insecure directory permissions. CVE-2026-6842 Format string vulnerability leads to denial of service. CVE-2026-6843...
OESA-2026-2160 nano security update
Nano is a tiny GNU editor Security Fixes: A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which...
Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions
...
SUSE CVE-2026-6842
A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...
EUVD-2026-24633
A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...
CVE-2026-6842
A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...
CVE-2026-6842 Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions
A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...
CVE-2026-6842
A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...
CVE-2026-6842
In Nano, a local attacker can exploit insecure directory permissions in environments with permissive umask settings. Specifically, overly permissive 0777 permissions on ~/.local allow injection of a malicious .desktop launcher, which could trigger unintended actions or information disclosure when...
CVE-2026-6842 Nano: nano: local attacker can inject malicious .desktop launcher due to insecure directory permissions
A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...
CVE-2026-6842
A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...
PT-2026-34267
Name of the Vulnerable Software and Affected Versions nano affected versions not specified Description A flaw exists where incorrect directory permissions are applied to the /.local directory, setting them to 0777 instead of 0700 in environments with permissive umask settings. A local attacker ca...
EUVD-2014-4780
Malware in sbrugna...
Security Bulletin: Multiple Vulnerabilities Have Been Identified In IBM Security Secret Server
Summary Multiple vulnerabilities identified on IBM Security Secret Server have been addressed in the release 10.7.000059. Vulnerability Details CVEID: CVE-2012-5662 DESCRIPTION: x3270 before 3.3.12ga12 does not verify that the server hostname matches a domain name in the subject's Common Name CN ...
Thycotic Secret Server Credentials Disclosure Vulnerability
The Remote Desktop Launcher in Thycotic Secret Server does not properly cleanup a temporary file that contains an encrypted password once a session has ended. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the...
Thycotic Secret Server Remote Desktop Launcher Remote Desktop Launch Vulnerability
Thycotic Secret Server is a suite of password protection software from Thycotic, Inc. Remote Desktop Launcher is one of the remote desktop launchers. A security vulnerability exists in Remote Desktop Launcher in versions of Thycotic Secret Server prior to 8.6.000010, which stems from the program...
CVE-2014-4861
The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended...
Default credentials
The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended...
CVE-2014-4861
The Remote Desktop Launcher in Thycotic Secret Server before 8.6.000010 does not properly cleanup a temporary file that contains an encrypted password once a session has ended...