28 matches found
CVE-2026-54231
A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A...
CVE-2026-54231 Abrt: unsanitized systemd journal content written to dump directory files enables content injection
A content injection vulnerability was found in the ABRT post-create event handler scripts in libreport. The event script queries the systemd journal for log entries matching the crashed process and writes the results to files in the dump directory without sanitizing embedded control characters. A...
CVE-2026-54231
CVE-2026-54231 affects ABRT’s post-create event handler scripts in libreport. The event script reads journal entries for the crashed process and writes results to files in the dump directory without sanitizing embedded control characters. A local user can inject arbitrary content into the journal...
MiracleLinux 9 : ipa-4.12.2-1.el9_5.3 (AXSA:2025-9559:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9559:01 advisory. freeipa: Administrative user data leaked through systemd journal (CVE-2024-11029). Tenable has extracted the preceding description block directly from the...
[SECURITY] Fedora 41 Update: toolbox-0.2-1.fc41
Toolbx is a tool for Linux, which allows the use of interactive command line environments for software development and troubleshooting the host operating system, without having to install software on the host. It is built on top of Podman and other standard container technologies from OCI. Toolbx...
SUSE-SU-2025:20597-1 Security update for systemd
This update for systemd fixes the following issues: - Remove the script used to help migrating the language and locale settings located in /etc/sysconfig/language on old systems to the systemd default locations (bsc#1247074). The script was introduced more than 7 years ago and all systems running TW...
[SECURITY] Fedora 42 Update: toolbox-0.2-1.fc42
Toolbx is a tool for Linux, which allows the use of interactive command line environments for software development and troubleshooting the host operating system, without having to install software on the host. It is built on top of Podman and other standard container technologies from OCI. Toolbx...
CVE-2020-8903
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...
freeipa: Administrative user data leaked through systemd journal
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...
CVE-2024-11029 Freeipa: administrative user data leaked through systemd journal
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the...
CVE-2024-11029
CVE-2024-11029 is a real vulnerability affecting FreeIPA via an API audit flaw that leaks administrator credentials to systemd journal when the FreeIPA installation process logs the full command line. Connected advisories confirm affected packages (FreeIPA) across multiple distributions (e.g., Fe...
RHEL 9 : ipa (RHSA-2025:0334)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0334 advisory. Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based...
Moderate: ipa security update
AlmaLinux Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fixes: freeipa: Administrative user data leaked through systemd journal (CVE-2024-11029). For more details about t...
SUSE CVE-2014-9770
tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files...
Linux: Get journald.conf (KB)
The file configures various parameters of the systemd journal service. Note: This script only stores information for other Policy Controls. Copyright (C) 2021 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right...
CVE-2020-8903
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from th...
RHEL 7 : systemd (RHSA-2019:1502)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1502 advisory. The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive...