1107 matches found
openSUSE 15 Security Update : etcd (SUSE-SU-2024:3656-1)
The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:3656-1 advisory. Update to version 3.5.12: Security fixes: - CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 - CVE-2018-16874: Fixed directory...
Security update for etcd
This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...
SUSE-SU-2024:3656-1 Security update for etcd
This update for etcd fixes the following issues: Update to version 3.5.12: Security fixes: - CVE-2018-16873: Fixed remote command execution in cmd/go bsc1118897 - CVE-2018-16874: Fixed directory traversal in cmd/go bsc1118898 - CVE-2018-16875: Fixed CPU denial of service in crypto/x509 bsc1118899...
CVE-2024-45276
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication...
CVE-2024-45276 MB connect line/Helmholz: tmp directory exposed via webservice
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication...
CVE-2024-45276 MB connect line/Helmholz: tmp directory exposed via webservice
An unauthenticated remote attacker can get read access to files in the "/tmp" directory due to missing authentication...
CVE-2024-45276
Summary: CVE-2024-45276 permits an unauthenticated remote attacker to read files in the "/tmp" directory due to missing authentication. Connected sources identify affected hardware as Helmholz MB connect line / REX100 wireless router, with public records noting versions prior to 2.3.1 are impacte...
Helmholz REX100 安全漏洞
Helmholz REX100 is a wireless router from Helmholz. A security vulnerability exists in Helmholz REX100 versions prior to 2.3.1, which stems from a lack of authentication and allows an unauthenticated, remote attacker to gain read access to files in the /tmp directory...
emacs: Gnus treats inline MIME contents as trusted
A flaw was found in Emacs. When Emacs is used as an email client, inline MIME attachments are considered to be trusted by default, allowing a crafted LaTeX document to exhaust the disk space or the inodes allocated for the partition where the /tmp directory is located. This issue possibly results...
CVE-2024-36041
KSmserver in KDE Plasma Workspace aka plasma-workspace before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the...
CVE-2024-36041
KSmserver in KDE Plasma Workspace aka plasma-workspace before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the...
RHEL 6 : policycoreutils (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - policycoreutils: Relabelling of symbolic links in /tmp and /var/tmp change the context of their target instead...
UBUNTU-CVE-2024-36041
KSmserver in KDE Plasma Workspace aka plasma-workspace before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the...
RHEL 6 : ctdb (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ctdb: /tmp file vulnerability issues CVE-2013-4159 Note that Nessus has not tested for this issue but has instead...
RHEL 5 : jbds (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - jakarta-commons-fileupload, apache-commons-fileupload: /tmp directory used by default for uploaded files possibilit...
RHEL 4 : opencryptoki (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - opencryptoki: insecure handling of files in the /tmp directory CVE-2012-4455 - openCryptoki before 2.4.1,...
RHEL 5 : opencryptoki (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - opencryptoki: insecure handling of files in the /tmp directory CVE-2012-4455 - openCryptoki before 2.4.1,...
RHEL 4 : emacspeak (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - emacspeak: Insecure auxiliary /tmp file usage symlink attack possible CVE-2008-4191 Note that Nessus has not tested...
RHEL 5 : ctdb (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - ctdb: /tmp file vulnerability issues CVE-2013-4159 Note that Nessus has not tested for this issue but has instead...
SUSE CVE-2024-36041
KSmserver in KDE Plasma Workspace aka plasma-workspace before 5.27.11.1 and 6.x before 6.0.5.1 allows connections via ICE based purely on the host, i.e., all local connections are accepted. This allows another user on the same machine to gain access to the session manager, e.g., use the...