Lucene search
K

78 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:33 a.m.8 views

SUSE CVE-2013-6493

The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary socket file with a predictable name in /tmp...

2.1CVSS6.5AI score0.00482EPSS
Exploits1References5
SUSE CVE
SUSE CVE
added 2023/02/15 5:29 a.m.2 views

SUSE CVE-2014-2905

fish aka fish-shell 1.16.0 before 2.1.1 does not properly check the credentials, which allows local users to gain privileges via the universal variable socket, related to /tmp/fishd.socket.user permissions...

6.9CVSS7.1AI score0.0035EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/02/22 12:0 a.m.39 views

Ubuntu 16.04 ESM / 18.04 LTS : Linux kernel vulnerabilities (USN-5298-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5298-1 advisory. It was discovered that the Packet network protocol implementation in the Linux kernel contained a double- free vulnerability. A local attacke...

7.8CVSS7.7AI score0.05918EPSS
Exploits8References13
OpenVAS
OpenVAS
added 2020/11/23 12:0 a.m.10 views

openGauss: Ensuring the Existence of the Socket File

Some application programs may search for the socket file in the /tmp directory to deceive the server. During the system startup, the socket file /tmp/ $ USER gaussdb/.s.PGSQL. $PGPORT is created by default to prevent some applications from creating or overwriting the socket file in the /tmp...

7.3AI score
Exploits0References1
OpenVAS
OpenVAS
added 2020/11/20 12:0 a.m.9 views

GaussDB Kernel: Ensuring the Existence of the Socket File

Some application programs may search for the socket file in the /tmp directory to deceive the server. During the system startup, the socket file /tmp/ $ USER mppdb/.s.PGSQL. $PGPORT is created by default to prevent some applications from creating or overwriting the socket file in the /tmp...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/04/29 12:0 a.m.7 views

The vulnerability of the stroke_socket.c function in IPSEC’s strongSwan daemon allows a hacker to cause a service failure.

The vulnerability of the strokesocket.c function in IPSEC’s strongSwan daemon is caused by a violation of the buffer’s initial boundary. Exploiting this vulnerability could allow an attacker, operating remotely, to cause a service failure...

6.8CVSS6.7AI score0.04009EPSS
Exploits0References8Affected Software9
CVE
CVE
added 2019/09/21 1:54 a.m.377 views

CVE-2019-16650

CVE-2019-16650 affects Supermicro X10/X11 BMCs. The vulnerability stems from improper authentication in the virtual media service, allowing an attacker to transfer a client’s access privileges to another client that shares the same socket file descriptor. In practice, a remote attacker could conn...

10CVSS9.3AI score0.02163EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2019/01/15 9:1 a.m.19 views

Arbitrary Code Execution

Lilibguestfs is vulnerable to arbitrary command execution. When --remote or --listen option is used for creating a temporary socket file in this directory, the ownership of /tmp/.guestfish-$UID/ is not validated properly, leading to write to the socket and execute arbitrary commands by creating...

6.8CVSS7AI score0.00754EPSS
Exploits0References33Affected Software1
Veracode
Veracode
added 2019/01/15 8:54 a.m.20 views

Information Disclosure

icedtea-web is vulnerable to information disclosure attacks. The vulnerability exists as the LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc in IcedTea-Web before 1.4.2 allows local users to read the messages between a Java applet and a web browser by pre-creating a temporary...

2.1CVSS5.2AI score0.00482EPSS
Exploits1References9Affected Software1
RedHat Linux
RedHat Linux
added 2018/10/30 12:5 p.m.4 views

kernel: NULL pointer dereference if close and fchownat system calls share a socket file descriptor

A NULL pointer dereference issue was found in the Linux kernel. If the close and fchownat system calls share a socket file descriptor as an argument, then the two calls can race and trigger a NULL pointer dereference leading to a system crash and a denial of service...

7.1CVSS6.7AI score0.06609EPSS
Exploits0References4
OSV
OSV
added 2018/06/12 12:0 a.m.8 views

UBUNTU-CVE-2018-12232

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sockclose and sockfssetattr functions. fchownat does not increment the file descriptor reference count, which allows...

5.9CVSS6.7AI score0.06609EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2018/06/12 12:0 a.m.40 views

CVE-2018-12232

In net/socket.c in the Linux kernel through 4.17.1, there is a race condition between fchownat and close in cases where they target the same socket file descriptor, related to the sockclose and sockfssetattr functions. fchownat does not increment the file descriptor reference count, which allows...

7.1CVSS6.8AI score0.06609EPSS
Exploits0References8
OSV
OSV
added 2017/06/03 11:35 p.m.4 views

MGASA-2017-0154 Updated pcmanfm packages fix security vulnerability

PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service application unavailability. CVE-2017-8934...

5.5CVSS5.4AI score0.00334EPSS
Exploits0References3
Mageia
Mageia
added 2017/06/03 11:35 p.m.27 views

Updated pcmanfm packages fix security vulnerability

PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service application unavailability. CVE-2017-8934...

5.5CVSS2.9AI score0.00334EPSS
Exploits0References2
OSV
OSV
added 2017/05/15 2:29 p.m.6 views

CVE-2017-8933

Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service menu unavailability...

3.3CVSS3.7AI score
Exploits0References2
OSV
OSV
added 2017/05/15 2:29 p.m.3 views

UBUNTU-CVE-2017-8934

PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service application unavailability...

5.5CVSS6.7AI score0.00334EPSS
Exploits0References3
OSV
OSV
added 2017/05/15 2:29 p.m.2 views

DEBIAN-CVE-2017-8934

PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service application unavailability...

5.5CVSS6.5AI score0.00334EPSS
Exploits0References1
OSV
OSV
added 2017/05/15 2:29 p.m.2 views

DEBIAN-CVE-2017-8933

Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service menu unavailability...

3.3CVSS6.5AI score0.0032EPSS
Exploits0References1
OSV
OSV
added 2017/05/15 2:29 p.m.6 views

CVE-2017-8934

PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service application unavailability...

5.5CVSS5.3AI score
Exploits0References2
NVD
NVD
added 2017/05/15 2:29 p.m.11 views

CVE-2017-8933

Libmenu-cache 1.0.2 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service menu unavailability...

3.3CVSS3.6AI score0.0032EPSS
Exploits0References2
Rows per page
Query Builder