2192 matches found
Desktop client created folders with world-readable and world-writable permissions on Linux
Toward greater transparency: Publishing machine-readable CSAF files
Welcome to the third installment in our series on transparency at the Microsoft Security Response Center (MSRC). In this ongoing discussion, we talk about our commitment to providing comprehensive vulnerability information to our customers. At MSRC, our mission is to protect our customers,...
RHEL 7 : openstack-puppet-modules (RHSA-2017:0359)
The remote Red Hat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:0359 advisory. openstack-puppet-modules provides a collection of Puppet modules which Red Hat OpenStack Platform director uses to install and configure OpenStack...
SUSE CVE-2024-36814
An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory...
PT-2024-34646 · Nix · Nix
Name of the Vulnerable Software and Affected Versions: Nix versions prior to 2.18.9; Nix versions prior to 2.19.7; Nix versions prior to 2.20.9; Nix versions prior to 2.21.5; Nix versions prior to 2.22.4; Nix versions prior to 2.23.4; Nix versions prior to 2.24.10. Description: The issue concerns the Ni...
Nix security vulnerability
Nix is a powerful package manager from the Nix open-source project. It is used for building packages. Nix has a security vulnerability that stems from built-in builders on macOS not being executed in the macOS sandbox, resulting in these builders being able to access globally readable paths and globally...
UBUNTU-CVE-2024-49975
In the Linux kernel, the following vulnerability has been resolved: uprobes: fix kernel info leak via "uprobes" vma. xol_add_vma() maps the uninitialized page allocated by __create_xol_area() into userspace. On some architectures (x86) this memory is readable even without VM_READ, VM_EXEC results in the same...
CVE-2023-32190
mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges...
UBUNTU-CVE-2023-32190
mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges...
CVE-2023-32190 mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable
mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges...
CVE-2023-32190
mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges...
PT-2024-12299 · Mlocate · Mlocate
Name of the Vulnerable Software and Affected Versions: mlocate (affected versions not specified). Description: The issue allows the RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges. This is due to mlocate's %post script...
CVE-2024-36814
An arbitrary file read vulnerability in Adguard Home before v0.107.52 allows authenticated attackers to access arbitrary files as root on the underlying Operating System via placing a crafted file into a readable directory...
CLSA-2024-1727797025 Fix CVE(s): CVE-2024-32002
SECURITY UPDATE: Hardlink creation to arbitrary user-readable files - debian/patches/CVE-2024-32002.patch: submodule paths must not contain symlinks - CVE-2024-32002...
Franklin Fueling TS-550 EVO Automatic Tank Gauge security vulnerability
Franklin Fueling TS-550 EVO Automatic Tank Gauge is an automated industrial tank gauge from Franklin Fueling USA. A security vulnerability previously existed in the Franklin Fueling TS-550 EVO Automatic Tank Gauge version 2.26.4.8967, which stemmed from administrator credentials being stored in a...
SUSE CVE-2024-46958
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...
DEBIAN-CVE-2024-46958
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...
CVE-2024-46958
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...
UBUNTU-CVE-2024-46958
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...
CVE-2024-46958
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...