Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : nodejs:20 (AXSA:2024-8726:01)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8726:01 advisory. nodejs: Bypass network import restriction via data URL CVE-2024-22020 nodejs: fs.lstat bypasses permission model CVE-2024-22018 nodejs:...

6.5CVSS6.9AI score0.01104EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/09/16 12:0 a.m.26 views

Rocky Linux 9 : nodejs:20 (RLSA-2024:5815)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:5815 advisory. nodejs: Bypass network import restriction via data URL CVE-2024-22020 nodejs: fs.lstat bypasses permission model CVE-2024-22018 nodejs: fs.fchown/fchmod...

6.5CVSS6.4AI score0.01104EPSS
Exploits0References7
Snyk
Snyk
added 2024/07/09 9:47 a.m.1 views

Authorization Bypass

Overview Affected versions of this package are vulnerable to Authorization Bypass via fs.fchown or fs.fchmod operations which can use a "read-only" file descriptor to change the owner and permissions of a file. Note: This is only exploitable for users using the experimental permission when the...

4.2CVSS6.9AI score0.00395EPSS
Exploits0References2
0day.today
0day.today
added 2018/10/26 12:0 a.m.74 views

Linux systemd Symlink Dereference Via chown_one() Exploit

Linux suffers from an issue with systemd where chownone can dereference symlinks. systemd: chownone can dereference symlinks CVE-2018-15687 I am sending this bug report to Ubuntu, even though it's an upstream bug, as requested at...

0.2AI score0.01058EPSS
Exploits4
Rows per page
Query Builder