Lucene search
K

25 matches found

RedhatCVE
RedhatCVE
added 2026/03/31 10:11 p.m.5 views

CVE-2026-21716

A flaw was found in Node.js. An incomplete security fix allows code operating under restricted file system write permissions to bypass these limitations. This vulnerability enables the modification of file permissions and ownership on already-open files, even when explicit write access is denied...

3.8CVSS6.2AI score0.00159EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 10:22 a.m.9 views

CVE-2024-43199

Nagios NDOUtils before 2.1.4 allows privilege escalation from nagios to root because certain executable files are owned by the nagios user...

8.8CVSS7.1AI score0.01097EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/10/31 12:0 a.m.23 views

Debian dla-3643 : libpmi-pmix-dev - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3643 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3643-1 [email protected] https://www.debian.org/lts/security/...

8.1CVSS8AI score0.01121EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/09/29 12:0 a.m.22 views

SUSE SLES15: libmca_common_dstore1 / libpmix2 / pmix / pmix-devel / pmix-headers / etc (SUSE-SU-2023:3859-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3859-1 advisory. - CVE-2023-41915: Fixed a potential vulnerability where a chown may follow a user-created link bsc1215190. - Install pmix-plugin-munge if...

8.1CVSS7.3AI score0.01121EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2023/09/15 11:24 a.m.43 views

CVE-2023-41915

OpenPMIx PMIx is vulnerable to a race condition during execution of library code with UID 0, which allows attackers to obtain ownership of arbitrary files...

8.1CVSS7.9AI score0.01121EPSS
Exploits0References3
OSV
OSV
added 2022/03/08 11:26 a.m.8 views

SUSE-FU-2022:0750-1 Feature update for SUSE Manager Client Tools

This feature update fixes the following issues: cobbler: - Move configuration files ownership to apache bsc1195906 - Make configuration files only readable by root bsc1193671, CVE-2021-45083 golang-github-prometheus-prometheus: - Upgrade to upstream version 2.32.1 jscSLE-22863 + Bugfixes: Scrape:...

7.1CVSS7AI score0.00306EPSS
Exploits0References11
OPENSUSE Linux
OPENSUSE Linux
added 2022/03/01 12:0 a.m.43 views

Security update for cobbler (important)

openSUSE Security Update: Security update for cobbler Announcement ID: openSUSE-SU-2022:0062-1 Rating: important References: 1184561 1185679 1186124 1189458 1193671 1193673 1193675 1193676 1193678 1194333 1195906 1195918 Cross-References: CVE-2021-40323 CVE-2021-40324 CVE-2021-40325 CVE-2021-4508...

9.1CVSS7.4AI score0.88482EPSS
Exploits2References12
OpenVAS
OpenVAS
added 2022/02/19 12:0 a.m.13 views

SUSE: Security Advisory (SUSE-SU-2022:14891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.1CVSS8.4AI score0.00306EPSS
Exploits0References5
OSV
OSV
added 2022/02/18 10:44 a.m.6 views

SUSE-SU-2022:14891-1 Security update for cobbler

This update for cobbler fixes the following issues: - CVE-2021-45083: Fixed unsafe permissions on sensitive files bsc1193671. The following non-security bugs were fixed: - Move configuration files ownership to apache bsc1195906...

7.1CVSS7AI score0.00306EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2021/03/26 5:15 p.m.34 views

CVE-2021-20197

There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib. When these utilities are run as a privileged user presumably as part of a script updating binaries across different users, an unprivileged user can tric...

6.3CVSS7AI score0.00307EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/02/08 12:0 a.m.32 views

Fedora 33 : mingw-binutils (2021-354441fcdd)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-354441fcdd advisory. - There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib...

6.3CVSS7.8AI score0.00307EPSS
Exploits0References2
OSV
OSV
added 2021/02/04 12:0 p.m.14 views

RUSTSEC-2021-0034 office is unmaintained, use calamine instead

The office crate is unmaintained. Use calamine for reading excel files. Contact the office author for ownership of the package name...

7.2AI score
Exploits0References3
AlpineLinux
AlpineLinux
added 2020/10/27 3:42 a.m.34 views

CVE-2018-21269

checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink...

5.5CVSS5.5AI score0.00384EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2020/10/21 12:0 a.m.37 views

EulerOS Virtualization 3.0.2.2 : systemd (EulerOS-SA-2020-2221)

According to the version of the systemd packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to...

7.8CVSS6.3AI score0.00532EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2020/01/17 12:0 a.m.29 views

SUSE SLES12 Security Update : shibboleth-sp (SUSE-SU-2020:0115-1)

This update for shibboleth-sp fixes the following issues : Security issue fixed : CVE-2019-19191: Fixed escalation to root by fixing ownership of log files bsc1157471. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenabl...

7.8CVSS7.4AI score0.0048EPSS
Exploits1References4
OPENSUSE Linux
OPENSUSE Linux
added 2020/01/13 12:0 a.m.60 views

Security update for shibboleth-sp (moderate)

openSUSE Security Update: Security update for shibboleth-sp Announcement ID: openSUSE-SU-2020:0020-1 Rating: moderate References: 1157471 Cross-References: CVE-2019-19191 Affected Products: openSUSE Leap 15.1 An update that fixes one vulnerability is now available. Description: This update for...

7.8CVSS7.8AI score0.0048EPSS
Exploits1References1
Gentoo Linux
Gentoo Linux
added 2018/06/24 12:0 a.m.538 views

PNP4Nagios: Root privilege escalation

Background PNP4Nagios is an addon for the Nagios Network Monitoring System. Description It was found that PHP4Nagios creates files owned by an unprivileged user that are used by root. Impact A local attacker could escalate privileges to root. Workaround There is no known workaround at this time...

7.8CVSS4.1AI score0.00357EPSS
Exploits0
Prion
Prion
added 2018/02/14 8:29 p.m.19 views

Hardcoded credentials

OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run...

2.1CVSS5.4AI score0.00411EPSS
Exploits0References1Affected Software1
UbuntuCve
UbuntuCve
added 2018/02/14 8:29 p.m.27 views

CVE-2017-18188

OpenRC opentmpfiles through 0.1.3, when the fs.protectedhardlinks sysctl is turned off, allows local users to obtain ownership of arbitrary files by creating a hard link inside a directory on which "chown -R" will be run...

5.5CVSS6.2AI score0.00411EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2017/11/04 12:0 a.m.5 views

PT-2017-4218 · Vim +4 · Vim +4

Name of the Vulnerable Software and Affected Versions: Vim versions prior to 8.0.1263 Description: The issue is related to the fileio.c component in Vim, which sets the group ownership of a .swp file to the editor's primary group. This can allow local users to obtain sensitive information by...

9.8CVSS7.1AI score0.25314EPSS
Exploits102References413
Rows per page
Query Builder