19 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-25674
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in 6.0 before 6.0.3, 5.2 before 5.2.12, and 4.2 before 4.2.29. Race condition in file-system storage and file-based cache backends in...
EUVD-2016-1840
Malware in sbrugna...
EUVD-2021-0808
Malware in sbrugna...
EUVD-2019-0070
Malware in sbrugna...
EUVD-2013-3368
Malware in sbrugna...
USN-5495-2: curl regression
USN-5495-1 fixed vulnerabilities in curl. The fix for CVE-2022-32205 miscalculated the maximum cookie size, causing a regression. This update fixes the problem. Original advisory details: Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this...
CVE-2025-27613 Gitk can create and truncate files in the user's home directory
Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled...
CVE-2025-31182
This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.4, visionOS 2.4, watchOS 11.4. An app may be able to delete files for which it does not have permission...
CVE-2025-2098
Fast CAD Reader application on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users...
CVE-2025-1413
DaVinci Resolve on MacOS was found to be installed with incorrect file permissions rwxrwxrwx. This is inconsistent with standard macOS security practices, where applications should have drwxr-xr-x permissions. Incorrect permissions allow for Dylib Hijacking. Guest account, other users and...
CVE-2020-36605 File Permissions Vulnerability in Hitachi Infrastructure Analytics Advisor, Hitachi Ops Center Analyzer, Hitachi Ops Center Viewpoint
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux Analytics probe component, Hitachi Ops Center Analyzer on Linux Analyzer probe component, Hitachi Ops Center Viewpoint on Linux Viewpoint RAID Agent component allows local users to read and write...
SUSE-SU-2020:0647-1 Security update for php72
This update for php72 fixes the following issues: - CVE-2020-7062: Fixed a null pointer dereference when using file upload functionality under specific circumstances bsc1165280. - CVE-2020-7063: Fixed an issue where adding files change the permissions to default bsc1165289...
CVE-2014-4659
Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format...
CVE-2011-4339
ipmievd aka the IPMI event daemon in OpenIPMI, as used in the ipmitool package 1.8.11 in Red Hat Enterprise Linux RHEL 6, Debian GNU/Linux, Fedora 16, and other products uses 0666 permissions for its ipmievd.pid PID file, which allows local users to kill arbitrary processes by writing to this fil...
CVE-2009-3281
Summary (CVE-2009-3281 / CVE-2009-3282 in VMware Fusion) VMware Fusion 2.0.5 and earlier are affected by two kernel issues in the vmx86 extension: CVE-2009-3281 (file-permission problem enabling arbitrary code execution in host kernel context by an unprivileged user) and CVE-2009-3282 (integer ov...
Serious holes affecting SiteBar 3.3.8
All, As a result of a short security audit of SiteBar, a number of security holes were found. The holes included code execution, a malicious redirect and multiple cases of Javascript injection. After liasing with the developers, the holes have been patched. Attached are the advisory and patch...
Low: Red Hat Security Advisory: cpio security update
An updated cpio package that fixes a umask bug and supports large files 2GB is now available. This update has been rated as having low security impact by the Red Hat Security Response Team GNU cpio copies files into or out of a cpio or tar archive. It was discovered that cpio uses a 0 umask when...
Important: Red Hat Security Advisory: kdelibs security update
Updated kdelibs packages that fix telnet URI handler and mailto URI handler file vulnerabilities are now available. The kdelibs packages include libraries for the K Desktop Environment. KDE Libraries include: kdecore KDE core library, kdeui user interface, kfm file manager, khtmlw HTML widget, ki...
CVE-2002-0355
netstat in SGI IRIX before 6.5.12 allows local users to determine the existence of files on the system, even if the users do not have the appropriate permissions...