5 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-8997
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - vifm is vulnerable to a heap buffer overflow during the history merge process when saving the state file vifminfo.json. This flaw occurs because the application...
Medium: redis6
Issue Overview: TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen"w" on the history path and subsequent chmod on the same path. CVE-2025-9810 Affected Packages: redis6 Issue Correction: Run dnf...
Amazon Linux 2 : redis, --advisory ALAS2REDIS6-2025-014 (ALASREDIS6-2025-014)
The version of redis installed on the remote host is prior to 6.2.14-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2REDIS6-2025-014 advisory. TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a...
CVE-2025-9810
TOCTOU vulnerability CVE-2025-9810 in linenoiseHistorySave (linenoise) enables local attackers to overwrite files or change permissions via a symlink race between fopen("w") on the history path and a subsequent chmod() on the same path. Connected advisories confirm this CVE affects Redis-related ...
CVE-2025-9810 TOCTOU race in Linenoise enables arbitrary file overwrite and permission changes
TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen"w" on the history path and subsequent chmod on the same path...