Security update for wireguard-tools (moderate)

openSUSE Security Update: Security update for wireguard-tools Announcement ID: openSUSE-SU-2021:1425-1 Rating: moderate References: 1191224 Affected Products: openSUSE Leap 15.2 An update that contains security fixes can now be installed. Description: This update for wireguard-tools fixes the...

openSUSE: Security Advisory for wireguard-tools (openSUSE-SU-2021:3527-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2021:3527-1 Security update for wireguard-tools

This update for wireguard-tools fixes the following issues: - Removed world-readable permissions from /etc/wireguard bsc1191224...

coreos-installer: restrict access permissions on /boot/ignition{,/config.ign}

A flaw was found in the coreos-installer, where it writes the Ignition config to the target system with world-readable access permissions. This flaw allows a local attacker to have read access to potentially sensitive data. The highest threat from this vulnerability is to confidentiality...

CVE-2020-4805

IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 189539...

RHEL 8 : cloud-init (RHSA-2021:3371)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2021:3371 advisory. The cloud-init packages provide a set of init scripts for cloud instances. Cloud instances need special scripts to run during initialization to...

cloud-init: randomly generated passwords logged in clear-text to world-readable file

A flaw was found in cloud-init. When a system is configured through cloud-init and the "Set Passwords" module is used with "chpasswd" directive and "RANDOM", the randomly generated password for the relative user is written in clear-text in a file readable by any existing user of the system. The...

jersey: Local information disclosure via system temporary directory

Eclipse Jersey 2.28 to 2.33 and Eclipse Jersey 3.0.0 to 3.0.1 contains a local information disclosure vulnerability. This is due to the use of the File.createTempFile which creates a file inside of the system temporary directory with the permissions: -rw-r--r--. Thus the contents of this file are...

cloud-init: randomly generated passwords logged in clear-text to world-readable file

A flaw was found in cloud-init. When a system is configured through cloud-init and the "Set Passwords" module is used with "chpasswd" directive and "RANDOM", the randomly generated password for the relative user is written in clear-text in a file readable by any existing user of the system. The...

OPENSUSE-SU-2021:2682-1 Security update for rpm

This update for rpm fixes the following issues: - Changed default package verification level to 'none' to be compatible to rpm-4.14.1 - Made illegal obsoletes a warning - Fixed a potential access of freed mem in ndb's glue code bsc1179416 - Added support for enforcing signature policy and payload...

RHEL 7 : .NET 5.0 on RHEL 7 (RHSA-2021:3147)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3147 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

CentOS 8 : .NET 5.0 (CESA-2021:3148)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:3148 advisory. - dotnet: ASP.NET Core WebSocket frame processing DoS CVE-2021-26423 - dotnet: Dump file created world-readable CVE-2021-34485 - dotnet: ASP.NET Core J...

RHEL 8 : .NET Core 2.1 (RHSA-2021:3145)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2021:3145 advisory. .NET Core is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

RHEL 8 : .NET 5.0 (RHSA-2021:3148)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3148 advisory. .NET is a managed-software framework. It implements a subset of the .NET framework APIs and several new APIs, and it includes a CLR...

CentOS 8 : cloud-init (CESA-2021:3081)

The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2021:3081 advisory. - cloud-init: randomly generated passwords logged in clear-text to world-readable file CVE-2021-3429 Note that Nessus has not tested for this issue but has...

dotnet: Dump file created world-readable

.NET Core and Visual Studio Information Disclosure Vulnerability...

dotnet: Dump file created world-readable

.NET Core and Visual Studio Information Disclosure Vulnerability...

Low: Red Hat Security Advisory: .NET Core 2.1 security and bugfix update

An update for .NET Core 2.1 is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...

dotnet: Dump file created world-readable

.NET Core and Visual Studio Information Disclosure Vulnerability...

dotnet: Dump file created world-readable

.NET Core and Visual Studio Information Disclosure Vulnerability...