Lucene search
K

20 matches found

SUSE Linux
SUSE Linux
added 2026/02/11 9:25 a.m.10 views

Security update for nodejs20

This update for nodejs20 fixes the following issues: Update to 20.20.0: CVE-2026-22036: Updated undici to 6.23.0 bsc1256848 CVE-2025-59465: Add TLSSocket default error handler bsc1256573 CVE-2025-55132: Disable futimes when permission model is enabled bsc1256571 CVE-2025-55130: Require full read...

9.2CVSS5.8AI score0.03782EPSS
Exploits2References28
OSV
OSV
added 2026/01/27 8:20 a.m.6 views

SUSE-SU-2026:0301-1 Security update for nodejs22

This update for nodejs22 fixes the following issues: Security fixes: - CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 - CVE-2026-21637: Fixed synchronous exceptions thrown during callbacks that bypass TLS error handling and causing...

9.1CVSS6AI score0.03782EPSS
Exploits2References15
RedhatCVE
RedhatCVE
added 2026/01/07 9:39 a.m.7 views

CVE-1999-0402

wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself...

5CVSS6.9AI score0.01452EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-58821

Malicious code in bioql PyPI...

7.8CVSS7.2AI score0.00313EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-48735

Malicious code in bioql PyPI...

6.5CVSS5.8AI score0.0021EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-6597

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The...

7.8CVSS7AI score0.00313EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-44387

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves...

6.5CVSS6.5AI score0.0021EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.8 views

PT-2026-2469

Name of the Vulnerable Software and Affected Versions Node.js affected versions not specified Description A flaw exists in Node.js related to out-of-bounds deletion of critical data. Remote attackers may be able to impact the confidentiality and integrity of information. A race condition in...

7.6CVSS6.1AI score0.03493EPSS
Exploits0References162
Amazon
Amazon
added 2024/05/13 12:0 a.m.5 views

Important: python3.9

Issue Overview: An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can r...

7.8CVSS7AI score0.00313EPSS
Exploits0
OSV
OSV
added 2024/03/28 3:52 a.m.19 views

MGASA-2024-0096 Updated python3, python packages fix security vulnerabilities

The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged programs are potentially able to modify permissions of files referenced by symlinks in some circumstances. CVE-2023-6597 The zipfile module is...

7.8CVSS7.1AI score0.00336EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/10/10 1:30 a.m.4 views

SUSE CVE-2023-44387

Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to...

6.5CVSS9.1AI score0.0021EPSS
Exploits0References3
NVD
NVD
added 2023/10/05 6:15 p.m.37 views

CVE-2023-44387

Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to...

6.5CVSS4.9AI score0.0021EPSS
Exploits0References5
OSV
OSV
added 2023/10/05 6:15 p.m.4 views

DEBIAN-CVE-2023-44387

Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to...

6.5CVSS6AI score0.0021EPSS
Exploits0References1
OSV
OSV
added 2023/10/05 6:15 p.m.8 views

UBUNTU-CVE-2023-44387

Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to...

6.5CVSS5.7AI score0.0021EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/10/05 12:0 a.m.8 views

PT-2023-29221 · Gradle +1 · Gradle +1

Name of the Vulnerable Software and Affected Versions: Gradle versions prior to 7.6.3 Gradle versions prior to 8.4 Description: Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but...

6.5CVSS5AI score0.0021EPSS
Exploits0References20
OSV
OSV
added 2020/04/12 3:15 a.m.5 views

CVE-2020-11707

An issue was discovered in ProVide formerly zFTPServer through 13.1. It doesn't enforce permission over Windows Symlinks or Junctions. As a result, a low-privileged user non-admin can craft a Junction Link in a directory he has full control of, breaking out of the sandbox...

8.8CVSS5.8AI score0.01003EPSS
Exploits1References2
Prion
Prion
added 2017/09/13 5:29 p.m.20 views

Design/Logic Flaw

D-Link DIR-850L REV. A with firmware through FW114WWb07h2abbeta1 and REV. B with firmware through FW208WWb02 devices have 0644 /var/etc/shadow aka the /etc/shadow symlink target permissions...

2.1CVSS7.7AI score0.0034EPSS
Exploits1References1Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2016/03/24 3:9 p.m.51 views

Security update for samba (important)

This update for the samba server fixes the following issues: Security issue fixed: - CVE-2015-7560: Getting and setting Windows ACLs on symlinks can change permissions on link target; bso11648; bsc968222. Other bugs fixed: - Enable clustering CTDB support; bsc966271. - s3: smbd: Fix timestamp...

4CVSS6.6AI score0.12938EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2016/03/19 12:0 a.m.31 views

openSUSE: Security Advisory for samba (openSUSE-SU-2016:0813-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.5AI score0.12938EPSS
Exploits0References1
Cvelist
Cvelist
added 1999/09/29 4:0 a.m.32 views

CVE-1999-0402

wget 1.5.3 follows symlinks to change permissions of the target file instead of the symlink itself...

6.5AI score0.01452EPSS
Exploits0References1
Rows per page
Query Builder