59 matches found
MiracleLinux 8 : patch-2.7.6-11.el8 (AXSA:2020-262:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2020-262:01 advisory. patch: the following of symlinks in inp.c and util.c is mishandled in cases other than input files CVE-2019-13636 Tenable has extracted the preceding...
Apple macOS Tahoe Symbolic Link Mishandling Vulnerability (CNVD-2025-3115302)
Apple macOS Tahoe is a desktop operating system released by Apple on June 10, 2025, using the LiquidGlass design language and integrating several AI and cross-device features. Apple macOS Tahoe suffers from a symbolic link mishandling vulnerability that stems from insufficient security restrictio...
EUVD-2017-11573
Malware in sbrugna...
EUVD-2019-5064
Malware in sbrugna...
EUVD-2015-5692
Malware in sbrugna...
EUVD-2018-15898
Malware in sbrugna...
EUVD-2019-4335
Malware in sbrugna...
CVE-2024-45845
Rejected reason: DO NOT USE THIS CVE RECORD. Consult IDs: CVE-2024-45593. Reason: This record is a reservation duplicate of CVE-2024-45593. Notes: All CVE users should reference CVE-2024-45593 instead of this record. All references and descriptions in this record have been removed to prevent...
RHEL 5 : dbus (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dbus: users with the same numeric UID could lead to use-after-free and undefined behaviour CVE-2020-35512...
Oracle Linux 8 : dbus (ELSA-2019-3707)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3707 advisory. 1.12.8-9.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.12.8-9 - Ensure that patches are applied 1725570 1:1.12.8-8 - Fix CVE-2019-12749 1725570 Tenable has...
K25719440: D-Bus vulnerability CVE-2019-12749
Security Advisory Description dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 and in some, less common, uses of dbus-daemon, allows cookie spoofing because of symlink mishandling in the reference implementation of...
SUSE CVE-2019-12749
dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 and in some, less common, uses of dbus-daemon, allows cookie spoofing because of symlink mishandling in the reference implementation of DBUSCOOKIESHA1 in the libdbus...
Amazon Linux 2 : dbus (ALAS-2022-1870)
The version of dbus installed on the remote host is prior to 1.10.24-7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1870 advisory. A flaw was found in dbus. The implementation of DBUSCOOKIESHA1 is susceptible to a symbolic link attack. A malicious client...
Nutanix AHV : Multiple Vulnerabilities (NXSA-AHV-20201105.1021)
The version of AHV installed on the remote host is prior to 20201105.1021. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AHV-20201105.1021 advisory. - In Network Security Services NSS before 3.46, several cryptographic primitives had missing length checks. In...
SUSE-SU-2022:1932-1 Security update for patch
This update for patch fixes the following issues: Security fixes: - CVE-2019-13636: Fixed mishandled following of symlinks in certain cases other than input files bsc1142041. - CVE-2018-6952: Fixed double free of memory in pch.c:anotherhunk bsc1080985. Bugfixes: - Pass the correct stat to backup...
NewStart CGSL CORE 5.05 / MAIN 5.05 : dbus Vulnerability (NS-SA-2021-0152)
The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has dbus packages installed that are affected by a vulnerability: - dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 and in some, less common, use...
Privilege escalation
Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh...
CentOS 8 : patch (CESA-2020:1852)
The remote CentOS Linux 8 host has a package installed that is affected by a vulnerability as referenced in the CESA-2020:1852 advisory. - patch: the following of symlinks in inp.c and util.c is mishandled in cases other than input files CVE-2019-13636 Note that Nessus has not tested for this iss...
Security Bulletin: IBM Security Guardium is affected by a dbus vulnerability
Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-12749 DESCRIPTION: dbus before 1.10.28, 1.12.x before 1.12.16, and 1.13.x before 1.13.12, as used in DBusServer in Canonical Upstart in Ubuntu 14.04 and in some, less common, uses of...
Oracle Linux 7 : dbus (ELSA-2020-4032)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-4032 advisory. 1:1.10.24-15.0.1 - fix netlink poll: error 4 Zhenzhong Duan 1:1.10.24-15 - Fix CVE-2020-12049 1851992 Tenable has extracted the preceding description block...