Lucene search
+L

69 matches found

Tenable Nessus
Tenable Nessus
added 2024/01/25 12:0 a.m.34 views

RHEL 9 : rpm (RHSA-2024:0453)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0453 advisory. The RPM Package Manager RPM is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and...

6.7CVSS6.9AI score0.00491EPSS
Exploits3References9
OSV
OSV
added 2023/11/14 12:32 a.m.8 views

CVE-2023-47629 Privilege escalation through email sign-up in datahub

DataHub is an open-source metadata platform. In affected versions sign-up through an invite link does not properly restrict users from signing up as privileged accounts. If a user is given an email sign-up link they can potentially create an admin account given certain preconditions. If the defau...

7.1CVSS7.7AI score0.00472EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2023/01/12 12:0 a.m.30 views

Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2023-1202)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS7.4AI score0.00491EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2023/01/12 12:0 a.m.27 views

Huawei EulerOS: Security Advisory for rpm (EulerOS-SA-2023-1174)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.7CVSS7.4AI score0.00491EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2023/01/11 12:0 a.m.42 views

EulerOS Virtualization 2.10.0 : rpm (EulerOS-SA-2023-1174)

According to the versions of the rpm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were...

7.8CVSS6.5AI score0.00491EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2023/01/10 12:0 a.m.41 views

EulerOS Virtualization 2.10.1 : rpm (EulerOS-SA-2023-1153)

According to the versions of the rpm packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A race condition vulnerability was found in rpm. A local unprivileged user could use this flaw to bypass the checks that were...

7.8CVSS6.5AI score0.00491EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2022/12/01 12:0 a.m.32 views

FreeBSD : rpm4 -- Multiple Vulnerabilities (0c52abde-717b-11ed-98ca-40b034429ecf)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 0c52abde-717b-11ed-98ca-40b034429ecf advisory. - There is a flaw in RPM's signature functionality. OpenPGP subkeys are associated with a...

6.7CVSS6.3AI score0.00491EPSS
Exploits2References4
NVD
NVD
added 2022/08/25 8:15 p.m.21 views

CVE-2021-35938

A symbolic link issue was found in rpm. It occurs when rpm sets the desired permissions and credentials after installing a file. A local unprivileged user could use this flaw to exchange the original file with a symbolic link to a security-critical file and escalate their privileges on the system...

6.7CVSS0.00491EPSS
Exploits1References7
OSV
OSV
added 2022/08/22 3:15 p.m.7 views

AZL-10651 CVE-2021-3639 affecting package mod_auth_mellon for versions less than 0.16.0-4

A flaw was found in modauthmellon where it does not sanitize logout URLs properly. This issue could be used by an attacker to facilitate phishing attacks by tricking users into visiting a trusted web application URL that redirects to an external and potentially malicious server. The highest threa...

6.1CVSS5.7AI score0.00752EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2022/05/17 12:0 a.m.34 views

squid:4 security and bug fix update

libecap squid 7:4.15-3 - Resolves: 1941506 - CVE-2021-28116 squid:4/squid: out-of-bounds read in WCCP protocol data may lead to information disclosure 7:4.15-2 - Resolves: 2006121 - SQUID shortens FTP Link wrong that contains a semi-colon and as a result is not able to download zip file.CODE 404 ...

5.3CVSS0.7AI score0.13005EPSS
Exploits0
Citrix
Citrix
added 2021/09/27 12:0 a.m.9 views

Path DEAD on Newly Installed or Existing WAN Link on Citrix SD-WAN

After a new WAN link is added to Citrix SD-WAN, the WAN path state is shown as DEAD...

7AI score
Exploits0
Redos
Redos
added 2021/09/08 12:0 a.m.11 views

ROS-2-1572

2.1572 Multiple Exim Server Vulnerabilities 1. Vulnerability description: CVE-2020-28007 A vulnerability in the Exim message forwarding agent, is related to a symbolic link in the Exim log directory. Exploitation of the vulnerability could allow an attacker to create a special symbolic link to a...

9.8CVSS8.7AI score0.61664EPSS
Exploits6
CNNVD
CNNVD
added 2021/06/30 12:0 a.m.5 views

rpm 后置链接漏洞

rpm is a powerful command-line driven package management tool used to install, uninstall, verify, query and update packages on Linux systems. A security vulnerability exists in rpm that originates from a symbolic link issue that occurs when rpm sets the required permissions and credentials after...

6.7CVSS6.7AI score0.00491EPSS
Exploits1References13
OSV
OSV
added 2016/02/22 6:5 p.m.3 views

USN-2906-1 cpio vulnerabilities

Alexander Cherepanov discovered that GNU cpio incorrectly handled symbolic links when used with the --no-absolute-filenames option. If a user or automated system were tricked into extracting a specially-crafted cpio archive, a remote attacker could possibly use this issue to write arbitrary files...

6.5CVSS6.8AI score0.05484EPSS
Exploits4References3
securityvulns
securityvulns
added 2004/09/13 12:0 a.m.115 views

StarOffice/OpenOffice symbolic links vulnerability

symlink problem during temporary files creation...

1.3AI score
Exploits0References2Affected Software2
exploitpack
exploitpack
added 2004/05/08 12:0 a.m.15 views

Qualcomm Eudora 6.x - Embedded Hyperlink URI Obfuscation

Qualcomm Eudora 6.x - Embedded Hyperlink URI Obfuscation source: https://www.securityfocus.com/bid/10305/info It has been reported that the Qualcomm Eudora MTA is prone to a URI obfuscation weakness that may hide the true contents of a link. The problem occurs when a user@location URI is formatte...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2003/07/08 12:0 a.m.38 views

Symbolic link problem in semi/wemi

Insecure temporary files handling...

0.2AI score
Exploits0References1Affected Software2
securityvulns
securityvulns
added 2003/04/15 12:0 a.m.37 views

ghostscript symbolic link problem

Symboli link problem during temporary files creation in ps2epsi...

1.1AI score
Exploits0References1
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.23 views

CVE-2002-0178

uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands...

6.6AI score0.00622EPSS
Exploits0References11
FreeBSD Advisory
FreeBSD Advisory
added 2002/05/20 12:0 a.m.5 views

FreeBSD-SA-02:25.bzip2

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:25 Security Advisory The FreeBSD Project Topic: bzip2 contains multiple security vulnerabilities Category: core/ports Module: bzip2 Announced: 2002-05-20 Credits: Volker...

5.8AI score
Exploits0
Rows per page
Query Builder