CVE-2026-6842

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

EUVD-2023-34952

Malicious code in bioql PyPI...

Mageia: Security Advisory (MGASA-2014-0058)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-21364

swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the system temporary...

CVE-2021-21364

swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the system temporary...

Design/Logic Flaw

swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the system temporary...

CVE-2021-21364 Generated Code Contains Local Information Disclosure Vulnerability

swagger-codegen is an open-source project which contains a template-driven engine to generate documentation, API clients and server stubs in different languages by parsing your OpenAPI / Swagger definition. In swagger-codegen before version 2.4.19, on Unix-Like systems, the system temporary...

CVE-2021-21364

CVE-2021-21364 affects the open-source project swagger-codegen. On Unix-like systems, prior to version 2.4.19, a shared system temporary directory allows a local attacker to observe or exploit the creation of temporary files/directories with default permissions, enabling potential data exposure o...

MGASA-2014-0058 Updated augeas package fixes security vulnerabilities

Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running as root that is updating files in a directory owned by a...

Updated augeas package fixes security vulnerabilities

Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running as root that is updating files in a directory owned by a...

Mandriva Linux Security Advisory : augeas (MDVSA-2014:022)

Updated augeas packages fix security vulnerabilities : Multiple flaws were found in the way Augeas handled configuration files when updating them. An application using Augeas to update configuration files in a directory that is writable to by a different user for example, an application running a...

Scientific Linux Security Update : augeas on SL6.x i386/x86_64 (20140120)

A flaw was found in the way Augeas handled certain umask settings when creating new configuration files. This flaw could result in configuration files being created as world-writable, allowing unprivileged local users to modify their content. CVE-2013-6412 All running applications using augeas mu...

RHEL 6 : augeas (RHSA-2014:0044)

Updated augeas packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Moderate: Red Hat Security Advisory: augeas security update

Updated augeas packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

qpopper -- multiple privilege escalation vulnerabilities

Jens Steube reports that qpopper is vulnerable to a privilege escalation vulnerability. qpopper does not properly drop root privileges so that user supplied configuration and trace files can be processed with root privileges. This could allow a local attacker to create or modify arbitrary files...

Palm Desktop 4.0b76-77 for Mac OS X

Hotsyncing via Palm Desktop 4.0b76-77 for Mac OS X creates backup folders and files that are world readable...even if umask is set to 077. Chat with friends online, try MSN Messenger: http://messenger.msn.com...