2839 matches found
CVE-2023-34204
imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of operation. Both of these are typically world-writable, and thus for example an attacker can modify imapsync's cache and overwrite files belonging to the user who runs it...
CVE-2023-34204
imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of operation. Both of these are typically world-writable, and thus for example an attacker can modify imapsync's cache and overwrite files belonging to the user who runs it...
PT-2023-24735 · Imapsync · Imapsync
Name of the Vulnerable Software and Affected Versions: imapsync versions through 2.229 Description: The issue concerns the use of predictable paths under /tmp and /var/tmp in the default mode of operation. Since these paths are typically world-writable, an attacker can modify imapsync's cache and...
CVE-2023-34204
imapsync through 2.229 uses predictable paths under /tmp and /var/tmp in its default mode of operation. Both of these are typically world-writable, and thus for example an attacker can modify imapsync's cache and overwrite files belonging to the user who runs it...
CVE-2023-30571
Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...
CVE-2023-30571
Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...
DEBIAN-CVE-2023-30571
Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...
CVE-2023-30571
Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...
UBUNTU-CVE-2023-30571
Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...
CVE-2023-30571
Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...
CVE-2023-30571
Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...
PT-2023-35518 · Oracle · Java
Name of the Vulnerable Software and Affected Versions: Java affected versions not specified Description: A security exception occurs due to an issue in the java.awt.image package, specifically in the DataBufferInt constructor, which is called by Raster.createPackedRaster and...
nfpm has incorrect default permissions
Summary When building packages directly from source control, file permissions on the checked-in files are not maintained. Details When building packages directly from source control, file permissions on the checked-in files are not maintained. When nfpm packaged the files without extra config for...
PT-2023-23971 · Nfpm · Nfpm
Name of the Vulnerable Software and Affected Versions: nfpm affected versions not specified Description: The issue arises when nfpm packages files without maintaining the original file permissions from the source control. This can result in files being packaged with incorrect permissions, such as...
USN-6088-2: runC vulnerabilities
USN-6088-1 fixed vulnerabilities in runC. This update provides the corresponding updates for Ubuntu 16.04 LTS. It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. CVE-2019-19921...
USN-6088-1 runc vulnerabilities
It was discovered that runC incorrectly made /sys/fs/cgroup writable when in rootless mode. An attacker could possibly use this issue to escalate privileges. CVE-2023-25809 It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could...
PT-2023-3613 · Netskope · Netskope Client Service
Name of the Vulnerable Software and Affected Versions: Netskope client service versions prior to R96 Description: The issue is related to a synchronization error when using a shared resource, which can be exploited by a malicious local user to elevate privileges. The Netskope client service runs ...
PT-2023-21098 · Siemens · Scalance Lpe9403
Name of the Vulnerable Software and Affected Versions: SCALANCE LPE9403 versions prior to V2.1 Description: A vulnerability has been identified where the i2c mutex file is created with the permissions bits of -rw-rw-rw-. This file is used as a mutex for multiple applications interacting with i2c...
CVE-2023-29465
SageMath FlintQS 1.0 relies on pathnames under TMPDIR typically world-writable, which for example allows a local user to overwrite files with the privileges of a different user who is running FlintQS...
Improper Access Control
github.com/opencontainers/runc is vulnerable to Improper Access Control. The vulnerability exists because the rootless runc makes /sys/fs/cgroup writable when runc is executed inside the user namespace, and the config.json does not specify the cgroup namespace to be unshared e.g..,...