9 matches found
Security Bulletin: IBM InfoSphere Information Server is affected but not classified as vulnerable to multiple vulnerabilities in Node.js
Summary Multiple vulnerabilities in Node.js used by IBM InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2019-16777 DESCRIPTION: npm CLI could allow a local attacker to bypass security restrictions, caused by the failure to prevent existing globally-installed binaries...
GHSA-PH34-PC88-72GC Incorrect Permission Assignment for Critical Resource in NPM
An issue was discovered in an npm 5.7.0 2018-02-21 pre-release marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status. It might allow local users to bypass intended filesystem...
Design/Logic Flaw
An issue was discovered in an npm 5.7.0 2018-02-21 pre-release marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status. It might allow local users to bypass intended filesystem...
CVE-2018-7408
An issue was discovered in an npm 5.7.0 2018-02-21 pre-release marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status. It might allow local users to bypass intended filesystem...
CVE-2018-7408
An issue was discovered in an npm 5.7.0 2018-02-21 pre-release marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status. It might allow local users to bypass intended filesystem...
Debian Security Advisory DSA 823-1 (util-linux)
The remote host is missing an update to util-linux announced via advisory DSA 823-1. David Watson discoverd a bug in mount as provided by util-linux and other packages such as loop-aes-utils that allows local users to bypass filesystem access restrictions by re-mounting it read-only. For the old...
Debian: Security Advisory (DSA-825-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-823-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-823-1 : util-linux - privilege escalation
David Watson discovered a bug in mount as provided by util-linux and other packages such as loop-aes-utils that allows local users to bypass filesystem access restrictions by re-mounting it read-only. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in...