Lucene search
K

80 matches found

OSV
OSV
added 2019/07/02 11:15 p.m.0 views

DEBIAN-CVE-2019-13178

modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set...

8.1CVSS6.8AI score0.01692EPSS
Exploits1References1
OSV
OSV
added 2019/07/02 11:15 p.m.4 views

DEBIAN-CVE-2019-13179

Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...

7.5CVSS6.7AI score0.02088EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2019/07/02 11:15 p.m.2 views

CVE-2019-13179

Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...

7.5CVSS5.4AI score0.02088EPSS
Exploits1References13
OSV
OSV
added 2019/07/02 11:15 p.m.3 views

UBUNTU-CVE-2019-13178

modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set...

8.1CVSS7.2AI score0.01692EPSS
Exploits1References4
Prion
Prion
added 2019/07/02 11:15 p.m.18 views

Race condition

modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set...

6.8CVSS7.9AI score0.01692EPSS
Exploits1References14Affected Software1
UbuntuCve
UbuntuCve
added 2019/07/02 11:15 p.m.17 views

CVE-2019-13179

Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...

7.5CVSS7AI score0.02088EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2019/07/02 11:15 p.m.12 views

CVE-2019-13178

modules/luksbootkeyfile/main.py in Calamares versions 3.1 through 3.2.10 has a race condition between the time when the LUKS encryption keyfile is created and when secure permissions are set...

8.1CVSS7.1AI score0.01692EPSS
Exploits1References3
OSV
OSV
added 2019/07/02 11:15 p.m.5 views

UBUNTU-CVE-2019-13179

Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...

7.5CVSS7.2AI score0.02088EPSS
Exploits1References4
Cvelist
Cvelist
added 2019/07/02 10:43 p.m.24 views

CVE-2019-13179

Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...

7.5AI score0.02088EPSS
Exploits1References8
CVE
CVE
added 2019/07/02 10:43 p.m.207 views

CVE-2019-13179

CVE-2019-13179 affects Calamares versions 3.1 to 3.2.10. The root cause is that Calamares copies the LUKS keyfile at /crypto_keyfile.bin (mode 0600, root-owned) into /boot inside a globally readable initramfs image, making the key accessible to any user and exposing decryption keys for LUKS conta...

7.5CVSS7.4AI score0.02088EPSS
Exploits1References8Affected Software1
Debian CVE
Debian CVE
added 2019/07/02 10:43 p.m.20 views

CVE-2019-13179

Calamares versions 3.1 through 3.2.10 copies a LUKS encryption keyfile from /cryptokeyfile.bin mode 0600 owned by root to /boot within a globally readable initramfs image with insecure permissions, which allows this originally protected file to be read by any user, thereby disclosing decryption...

7.5CVSS7.5AI score0.02088EPSS
Exploits1
Veracode
Veracode
added 2019/07/01 2:11 a.m.37 views

Improper Permissions For Directory And File Restrictions

glib uses improper permissions for directory and file restrictions. Directories are created using less restrictive permissions for directory and file using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE,...

7.5CVSS7.8AI score0.03211EPSS
Exploits0References14Affected Software2
NVD
NVD
added 2019/06/28 3:15 p.m.28 views

CVE-2019-13012

The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...

7.5CVSS8.6AI score0.03211EPSS
Exploits0References12
OSV
OSV
added 2019/06/28 3:15 p.m.2 views

DEBIAN-CVE-2019-13012

The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...

7.5CVSS6.3AI score0.03211EPSS
Exploits0References1
Prion
Prion
added 2019/06/28 3:15 p.m.31 views

Null pointer dereference

The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...

5CVSS8.4AI score0.03211EPSS
Exploits0References12Affected Software1
Cvelist
Cvelist
added 2019/06/28 2:7 p.m.31 views

CVE-2019-13012

The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...

8.8AI score0.03211EPSS
Exploits0References12
Debian CVE
Debian CVE
added 2019/06/28 2:7 p.m.49 views

CVE-2019-13012

The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...

7.5CVSS6.7AI score0.03211EPSS
Exploits0
CVE
CVE
added 2019/06/28 2:7 p.m.345 views

CVE-2019-13012

CVE-2019-13012 affects GNOME GLib (glib2.0). The keyfile settings backend before 2.60.0 creates directories with 0777 permissions and files with default permissions due to improper restriction, enabling potential exposure of sensitive data. This is tied to g_file_make_directory_with_parents and g...

7.5CVSS7AI score0.03211EPSS
Exploits0References12Affected Software1
Kitploit
Kitploit
added 2019/03/01 12:43 p.m.194 views

VSHG - Hardware resistance & enhanced security for GnuPG

VSHG aims to provide a memory / hardware resistant reinforcement to GnuPG's standared s2k key-derivation-function + a simplified interface for symmetric encryption . About VSHG VSHG Very secure hash generator is a standalone Addon for GnuPG Gnu privacy guard . It is written as a shell script and ...

7.5AI score
Exploits0References1
n0where
n0where
added 2018/10/23 4:46 a.m.89 views

Hardware resistance & enhanced security for GnuPG

VSHG aims to provide a memory / hardware resistant reinforcement to GnuPG’s standard s2k key-derivation-function + a simplified interface for symmetric encryption . VSHG Very secure hash generator is a standalone Addon for GnuPG Gnu privacy guard . It is written as a shell script and is designed...

7.5AI score
Exploits0References1
Rows per page
Query Builder