2192 matches found
CVE-2024-46958
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...
CVE-2024-46958
In Nextcloud Desktop Client 3.13.1 through 3.13.3 on Linux, synchronized files between the server and client may become world writable or world readable. This is fixed in 3.13.4...
Structured logging in Spring Boot 3.4
Logging is a long established part of troubleshooting applications and one of the three pillars of observability, next to metrics and traces. No one likes flying blind in production, and when incidents happen, developers are happy to have log files. Logs are often written out in a human-readable...
CVE-2024-41954
Summary: CVE-2024-41954 affects FOGProject. The vulnerable component is the /opt/fog/.fogsettings file, which stores plaintext service account credentials and is readable by all users on the host. Exploitation of these credentials could allow a malicious user to create new web-application account...
DEBIAN-CVE-2024-29069
In snapd versions prior to 2.62, snapd failed to properly check the destination of symbolic links when extracting a snap. The snap format is a squashfs file-system image and so can contain symbolic links and other file types. Various file entries within the snap squashfs image such as icons and...
PT-2024-22642 · Toshiba · Sharp/Toshiba Tec Mfps
Name of the Vulnerable Software and Affected Versions: Sharp/Toshiba Tec MFPs affected versions not specified Description: The issue allows any local user of the device to examine coredump files, which are stored with world-readable permission when the device crashes. This enables the user to...
PT-2024-21704 · Toshiba · Toshiba Printers
Name of the Vulnerable Software and Affected Versions: Toshiba printers affected versions not specified Description: It was observed that all the Toshiba printers contain credentials used for WebDAV access in a readable file, allowing for full access with WebDAV to the printer. Recommendations: A...
RHEL 9 : rpm-ostree (RHSA-2024:3823)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3823 advisory. The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used...
Moderate: Red Hat Security Advisory: rpm-ostree security update
An update for rpm-ostree is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
rpm-ostree: world-readable /etc/shadow file
A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication da...
ALSA-2024:3823 Moderate: rpm-ostree security update
The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and...
Moderate: rpm-ostree security update
The rpm-ostree tool binds together the RPM packaging model with the OSTree model of bootable file system trees. It provides commands that can be used both on client systems and on server-side composes. The rpm-ostree-client package provides commands for client systems to perform upgrades and...
RHEL 7 : vim (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vim: Integer overflow at an unserializeuep memory allocation site CVE-2017-6350 - VIM version 8.0.1187 an...
[SECURITY] Fedora 39 Update: rust-pretty-bytes-0.2.0-6.fc39
Convert bytes to a human readable string...
The vulnerability of the distributed Git version control system, related to improper preservation of permissions, allows a violator to create hard links to any readable file within the same file system.
The vulnerability of the distributed Git version control system relates to access to the database of objects in another user’s target repository. Exploiting this vulnerability allows a perpetrator to create hard links to any readable files within the same file system...
Moderate: Red Hat Security Advisory: rpm-ostree security update
An update for rpm-ostree is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available f...
rpm-ostree: world-readable /etc/shadow file
A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication da...
Fedora: Security Advisory for rust-pretty-bytes (FEDORA-2024-ce2936b568)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] Fedora 40 Update: rust-pretty-bytes-0.2.0-6.fc40
Convert bytes to a human readable string...
The vulnerability of the distributed Git version control system, related to the use of pre-installed security-related data, allows a hacker to create hard links to any readable file within the same file system.
The vulnerability of the distributed Git version control system is related to the use of pre-installed data related to security. Exploiting this vulnerability allows a attacker to create hard links to any readable file within the same file system...