Lucene search
K

25 matches found

Debian CVE
Debian CVE
added 2020/12/02 4:45 p.m.23 views

CVE-2020-25265

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components...

6.5CVSS6.4AI score0.01919EPSS
Exploits1
Cvelist
Cvelist
added 2020/06/08 4:32 p.m.34 views

CVE-2020-13696

An issue was discovered in LinuxTV xawtv before 3.107. The function devopen in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to...

4.5AI score0.00355EPSS
Exploits0References11
OSV
OSV
added 2018/11/19 10:3 p.m.3 views

USN-3816-2 systemd vulnerability

USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. We apologize for the inconvenience. Original advisory details: Jann Horn discovered that unitdeserialize incorrectly handled status messages above ...

7.8CVSS6.8AI score0.00532EPSS
Exploits1References2
OSV
OSV
added 2018/02/13 12:0 a.m.3 views

UBUNTU-CVE-2018-6954

systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and a file under that directory, and later replacing that directory with a symlink. Th...

7.8CVSS6.8AI score0.00532EPSS
Exploits1References4
OSV
OSV
added 2017/04/04 5:59 p.m.1 views

UBUNTU-CVE-2017-7418

ProFTPD before 1.3.5e and 1.3.6 before 1.3.6rc5 controls whether the home directory of a user could contain a symbolic link through the AllowChrootSymlinks configuration option, but checks only the last path component when enforcing AllowChrootSymlinks. Attackers with local access could bypass th...

5.5CVSS6.4AI score0.00419EPSS
Exploits0References5
Rows per page
Query Builder