Lucene search
K

10 matches found

SUSE Linux
SUSE Linux
added 2026/01/27 8:20 a.m.8 views

Security update for nodejs22

This update for nodejs22 fixes the following issues: Security fixes: CVE-2026-22036: Fixed unbounded decompression chain in HTTP response leading to resource exhaustion bsc1256848 CVE-2026-21637: Fixed synchronous exceptions thrown during callbacks that bypass TLS error handling and causing denia...

9.2CVSS6.1AI score0.03782EPSS
Exploits2References28
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2011-3118

Malware in sbrugna...

5.9CVSS5.6AI score0.00601EPSS
Exploits0References2
Prion
Prion
added 2019/04/22 4:29 p.m.18 views

Design/Logic Flaw

The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem...

5.8CVSS6.9AI score0.00601EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2019/04/22 3:35 p.m.56 views

CVE-2011-3151

CVE-2011-3151 affects the Ubuntu SELinux initscript prior to version 1:0.10. The initscript uses touch to create a lockfile in a world-writable directory. If the kernel lacks symlink protections, an attacker could cause a zero-byte file to be allocated on any writable filesystem. This description...

5.9CVSS5.2AI score0.00601EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/04/22 3:35 p.m.27 views

CVE-2011-3151 SELinux initscript misuse of touch

The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem...

5.2CVSS5.5AI score0.00601EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2017/11/08 1:20 p.m.33 views

CVE-2016-10089

A vulnerability was found in Nagios 4.2.4, and earlier, which allows local users to gain root privileges via a hard link attack on the Nagios init script file, related to CVE-2016-8641. Mitigation This flaw, and others like it, are mitigated by enabling hardlink and symlink protections. These...

7.8CVSS2.9AI score0.0115EPSS
Exploits5References2
securityvulns
securityvulns
added 2015/10/12 12:0 a.m.183 views

[USN-2744-1] Apport vulnerability

========================================================================== Ubuntu Security Notice USN-2744-1 September 24, 2015 apport vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: -...

7.2CVSS0.0091EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2015/09/25 12:0 a.m.36 views

Ubuntu 14.04 LTS : Apport vulnerability (USN-2744-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2744-1 advisory. Halfdog discovered that Apport incorrectly handled kernel crash dump files. A local attacker could use this issue to cause a denial of service, or possibly elevat...

7.2CVSS5.7AI score0.0091EPSS
Exploits2References2
OSV
OSV
added 2015/09/24 11:58 a.m.3 views

USN-2744-1 apport vulnerability

Halfdog discovered that Apport incorrectly handled kernel crash dump files. A local attacker could use this issue to cause a denial of service, or possibly elevate privileges. The default symlink protections for affected releases should reduce the vulnerability to a denial of service...

7.2CVSS5.8AI score0.0091EPSS
Exploits2References2
UbuntuCve
UbuntuCve
added 2012/05/18 10:55 p.m.31 views

CVE-2012-2120

latex2man in texlive-extra-utils 2011.20120322, and possibly other versions or packages, when used with the H or T option, allows local users to overwrite arbitrary files via a symlink attack on a temporary file...

3.3CVSS5.9AI score0.00313EPSS
Exploits0References2
Rows per page
Query Builder