EUVD-2012-3467

Malware in sbrugna...

SUSE CVE-2012-3512

Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart plugin...

Amazon Linux 2 : libvirt (ALAS-2019-1274) (MDSUM/RIDL) (MFBDS/RIDL/ZombieLoad) (MLPDS/RIDL) (MSBDS/Fallout)

Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2019-11091 Modern Intel microprocessors implement hardware-level micro-optimizations to improve the...

CVE-2019-10166

Summary: CVE-2019-10166 affects libvirt. Affected versions: libvirt 4.x up to before 4.10.1 and 5.x up to before 5.4.1. Root cause: The virDomainManagedSaveDefineXML API was exposed to read‑only clients, enabling modification of managed save state files. Impact: If a privileged user created a man...

CVE-2019-10166

It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local...

libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients

It was discovered that libvirtd would permit readonly clients to use the virDomainManagedSaveDefineXML API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would...

Arbitrary Code Execution

libvirt is vulnerable to arbitrary code execution. It was discovered that libvirtd would permit readonly clients to use the virDomainManagedSaveDefineXML API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local...

CVE-2019-10166

It was discovered that libvirtd would permit readonly clients to use the virDomainManagedSaveDefineXML API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would...

CVE-2019-10166

It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local...

Munin Resource Monitoring < 2.0.6 Multiple Vulnerabilities

Binary data 6948.prm...

Mandriva Linux Security Advisory : munin (MDVSA-2013:105)

Updated munin packages fix security vulnerabilities : The qmailscan plugin for Munin before 2.0 rc6 allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable names CVE-2012-2103. Munin before 2.0.6 stores plugin state files that run as root in the sa...

DEBIAN-CVE-2012-3512

Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart plugin...

Design/Logic Flaw

Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart plugin...

Medium: munin

Issue Overview: Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart plugin. Affected Packages: munin Issue Correction:...

CVE-2012-3512

Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart plugin...