11 matches found
GHSA-5CWG-9F6J-9JVX Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows
On Windows, Claude Code loaded system-wide default configuration from C:\ProgramData\ClaudeCode\managed-settings.json without validating directory ownership or access permissions. Because the ProgramData directory is writable by non-administrative users by default and the ClaudeCode subdirectory...
Claude Code: Insecure System-Wide Configuration Loading Enables Local Privilege Escalation on Windows
On Windows, Claude Code loaded system-wide default configuration from C:\ProgramData\ClaudeCode\managed-settings.json without validating directory ownership or access permissions. Because the ProgramData directory is writable by non-administrative users by default and the ClaudeCode subdirectory...
CVE-2026-35603
CVE-2026-35603 (Claude Code, Windows) : In versions prior to 2.1.75, Claude Code loaded the system-wide default configuration from C:\ProgramData\ClaudeCode\managed-settings.json without validating directory ownership or access permissions. Since ProgramData is writable by non-administrative user...
Fedora 40 : uv (2024-075f626765)
The remote Fedora 40 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-075f626765 advisory. Update uv from 0.4.30 to 0.5.5. This is a significant update. Please see the following notes. ---- By updating to a current release of uv, this update fixes...
CVE-2023-38544
A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system...
CVE-2023-38544
CVE-2023-38544 affects Ivanti (Secure Access Client) on Linux. A logged-in user can modify specific files, potentially enabling unauthorized changes to system-wide configuration settings, compromising integrity. Root cause: exploitation locally by a user with low privileges; impact listed as part...
How to Configure WinHTTP Proxy for Veeam Components
Known Limitation A tenant's Veeam Backup & Replication server cannot access Veeam Cloud Connect infrastructure components through HTTP/HTTPS proxy servers. All cloud-targeted traffic from the tenant's Veeam Backup & Replication server will ignore proxy settings. Purpose This article documents how...
Security update for neovim (important)
openSUSE Security Update: Security update for neovim Announcement ID: openSUSE-SU-2019:1997-1 Rating: important References: 1137443 Cross-References: CVE-2019-12735 Affected Products: openSUSE Backports SLE-15-SP1 An update that fixes one vulnerability is now available. Description: This update f...
Security update for neovim (important)
openSUSE Security Update: Security update for neovim Announcement ID: openSUSE-SU-2019:1796-1 Rating: important References: 1137443 Cross-References: CVE-2019-12735 Affected Products: openSUSE Backports SLE-15 An update that fixes one vulnerability is now available. Description: This update for...
openSUSE Security Update : neovim (openSUSE-2019-1759)
This update for neovim fixes the following issues : neovim was updated to version 0.3.7 : - CVE-2019-12735: source should check sandbox boo1137443 - genappimage.sh: migrate to linuxdeploy Version Update to version 0.3.5 : - options: properly reset directories on 'autochdir' - Remove MSVC...
Run a Command on Multiple Servers: ClusterSSH
Run a Command on Multiple Servers How to run a command on multiple servers at once? If you maintain multiple Linux servers, there are cases where you want to run the same commands on all the servers. For example, you may want to install/upgrade packages, patch the kernel, and update configuration...