Lucene search
K

9 matches found

Tenable Nessus
Tenable Nessus
added 2021/03/15 12:0 a.m.30 views

SUSE SLES12 Security Update : s390-tools (SUSE-SU-2021:0776-1)

This update for s390-tools fixes the following issues : Fixed an issue where IPL was not working when bootloader was installed on a SCSI disk with 4k physical blocksize without using a devicemapper target bsc1183041. CVE-2021-25316: Do not use predictable temporary file names bsc1182777. Made the...

3.3CVSS4.8AI score0.00315EPSS
Exploits1References6
OSV
OSV
added 2020/09/01 4:3 p.m.17 views

GHSA-V3JV-WRF4-5845 Local Privilege Escalation in npm

Affected versions of npm use predictable temporary file names during archive unpacking. If an attacker can create a symbolic link at the location of one of these temporary file names, the attacker can arbitrarily write to any file that the user which owns the npm process has permission to write t...

3.3CVSS6.1AI score0.00372EPSS
Exploits0References11
OSV
OSV
added 2019/02/18 11:40 p.m.31 views

GHSA-6CPC-MJ5C-M9RQ Arbitrary File Write in cli

Affected versions of cli use predictable temporary file names. If an attacker can create a symbolic link at the location of one of these temporarly file names, the attacker can arbitrarily write to any file that the user which owns the cli process has permission to write to. Proof of Concept By...

4.9CVSS4AI score0.00992EPSS
Exploits1References5
Node.js
Node.js
added 2016/10/27 4:8 p.m.35 views

Local Privilege Escalation

Overview Affected versions of npm use predictable temporary file names during archive unpacking. If an attacker can create a symbolic link at the location of one of these temporary file names, the attacker can arbitrarily write to any file that the user which owns the npm process has permission t...

3.3CVSS3.1AI score0.00372EPSS
Exploits0Affected Software1
Node.js
Node.js
added 2016/03/28 9:24 p.m.41 views

Arbitrary File Write

Overview Affected versions of cli use predictable temporary file names. If an attacker can create a symbolic link at the location of one of these temporarly file names, the attacker can arbitrarily write to any file that the user which owns the cli process has permission to write to. Proof of...

4.9CVSS3.5AI score0.00992EPSS
Exploits1Affected Software1
OpenVAS
OpenVAS
added 2015/06/13 12:0 a.m.41 views

Debian Security Advisory DSA 3285-1 (qemu-kvm - security update)

Several vulnerabilities were discovered in qemu-kvm, a full virtualization solution on x86 hardware. CVE-2015-3209 Matt Tait of Google OpenVAS Vulnerability Test $Id: deb3285.nasl 6609 2017-07-07 12:05:59Z cfischer $ Auto-generated from advisory DSA 3285-1 using nvtgen 1.0 Script version: 1.0...

7.5CVSS0.3AI score0.09668EPSS
Exploits0References1
OSV
OSV
added 2012/06/27 9:55 p.m.6 views

CVE-2012-2451

The Config::IniFiles module before 2.71 for Perl creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack. NOTE: some of these details are obtained from third party information. NOTE: it has been reported that this might only be...

6.1AI score
Exploits0References12
OSV
OSV
added 2012/04/13 12:0 a.m.29 views

DSA-2451-1 puppet - several

Bulletin has no description...

6CVSS6AI score0.02632EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2012/03/19 7:55 p.m.19 views

CVE-2012-0808

as31 2.3.1-4 does not seed the random number generator and generates predictable temporary file names, which makes it easier for local users to create or truncate files via a symlink attack...

3.6CVSS5.8AI score0.0035EPSS
Exploits0References1
Rows per page
Query Builder