Lucene search
K

9 matches found

NVD
NVD
added 2026/06/13 3:16 a.m.22 views

CVE-2026-54228

A time-of-check time-of-use TOCTOU race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can call SetElement to write arbitrary text files into the root-owned dump directory, bypassing package...

7.8CVSS0.00103EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/13 2:34 a.m.13 views

EUVD-2026-36637

A time-of-check time-of-use TOCTOU race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can call SetElement to write arbitrary text files into the root-owned dump directory, bypassing package...

7.8CVSS5.4AI score0.00103EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/13 2:34 a.m.8 views

CVE-2026-54228 Abrt: toctou race condition in abrt-dbus setelement allows arbitrary file writes to dump directories

A time-of-check time-of-use TOCTOU race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create event execution, any local user can call SetElement to write arbitrary text files into the root-owned dump directory, bypassing package...

7.8CVSS5.4AI score0.00103EPSS
Exploits0References2
CVE
CVE
added 2026/06/13 2:34 a.m.28 views

CVE-2026-54228

Vulnerability context (CVE-2026-54228) : A TOCTOU race in the abrt-dbus D-Bus service’s SetElement method allows a local user to write arbitrary text files into the root-owned dump directory between dump directory creation and post-create, bypassing package validation and causing crashes of unpac...

7.8CVSS5.4AI score0.00103EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/13 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-54228

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A time-of-check time-of-use TOCTOU race condition was found in the abrt-dbus D-Bus service's SetElement method. Between dump directory creation and post-create...

7.8CVSS5.6AI score0.00103EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/13 12:0 a.m.14 views

PT-2026-49073

Name of the Vulnerable Software and Affected Versions abrt-dbus affected versions not specified Description A time-of-check time-of-use TOCTOU race condition exists in the SetElement method of the abrt-dbus D-Bus service. A TOCTOU race condition occurs when a program checks a condition such as a...

7.8CVSS5.6AI score0.00103EPSS
Exploits0References5
OSV
OSV
added 2019/01/24 4:29 a.m.3 views

CVE-2018-17639

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS6.2AI score0.03918EPSS
Exploits0References2
CNVD
CNVD
added 2018/10/17 12:0 a.m.3 views

Foxit Reader and Foxit PhantomPDF for Windows Memory Misreference Vulnerability (CNVD-2018-25189)

Foxit Reader for Windows is a Windows-based PDF document reader from China's Foxit Foxit Software Corporation.Foxit PhantomPDF for Windows is its commercial version. A memory misreference vulnerability exists in the handling of the setElement method in Foxit Reader 9.2.0.9297 and earlier versions...

8.8CVSS8.7AI score0.03918EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2018/10/11 12:0 a.m.27 views

Foxit Reader XFA setElement Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...

7.8CVSS2.1AI score0.03918EPSS
Exploits0References1
Rows per page
Query Builder