2831 matches found

NVD
added 2019/06/03 3:29 a.m. | 21 views

CVE-2019-12589

In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker...

CVSS 8.8 | AI score 8.7 | EPSS 0.0051
Exploits: 1 | References: 5
OSV
added 2019/06/03 3:29 a.m. | 2 views

DEBIAN-CVE-2019-12589

In Firejail before 0.9.60, seccomp filters are writable inside the jail, leading to a lack of intended seccomp restrictions for a process that is joined to the jail after a filter has been modified by an attacker...

CVSS 8.8 | AI score 7.8 | EPSS 0.0051
Exploits: 1 | References: 1
OpenVAS
added 2019/05/09 12:0 a.m. | 39 views

Samba World Writable Files Vulnerability (CVE-2019-3870)

Samba is prone to a world writeable files vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:samba:samba";...

CVSS 6.1 | AI score 6.9 | EPSS 0.00552
Exploits: 1 | References: 1
Veracode
added 2019/05/02 4:57 a.m. | 40 views

Information Disclosure

OpenStack Compute nova launches and schedules large networks of virtual machines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required to orchestrate a cloud, including running virtual machine instances, managing networks, an...

CVSS 7.1 | AI score 5.8 | EPSS 0.02159
Exploits: 3 | References: 22 | Affected Software: 1
Veracode
added 2019/05/02 4:52 a.m. | 18 views

Arbitrary File Write

ibacm is vulnerable to arbitrary file write. It was found that the ibacm daemon created some files with world-writable permissions. A local attacker could use this flaw to overwrite the contents of the ibacm.log or ibacm.port file, allowing them to mask certain actions from the log or cause ibacm...

CVSS 3.6 | AI score 5.8 | EPSS 0.00361
Exploits: 0 | References: 8 | Affected Software: 11
OSV
added 2019/04/26 5:29 p.m. | 1 view

CVE-2019-9798

On Android systems, Firefox can load a library from APITRACELIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. Note: This issue only affects...

CVSS 7.4 | AI score 7.4 | EPSS 0.0091
Exploits: 0 | References: 2
OSV
added 2019/04/26 5:29 p.m. | 2 views

UBUNTU-CVE-2019-9798

On Android systems, Firefox can load a library from APITRACELIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. Note: This issue only affects...

CVSS 7.4 | AI score 7.3 | EPSS 0.0091
Exploits: 0 | References: 3
UbuntuCve
added 2019/04/26 5:29 p.m. | 24 views

CVE-2019-9798

On Android systems, Firefox can load a library from APITRACELIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. Note: This issue only affects...

CVSS 7.4 | AI score 7.2 | EPSS 0.0091
Exploits: 0 | References: 2
Cvelist
added 2019/04/26 4:13 p.m. | 20 views

CVE-2019-9798

On Android systems, Firefox can load a library from APITRACELIB, which is writable by all users and applications. This could allow malicious third party applications to execute a man-in-the-middle attack if a malicious code was written to that location and loaded. Note: This issue only affects...

AI score 7.8 | EPSS 0.0091
Exploits: 0 | References: 2
NVD
added 2019/04/22 4:29 p.m. | 19 views

CVE-2011-3151

The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem...

CVSS 5.9 | AI score 5.2 | EPSS 0.00601
Exploits: 0 | References: 1
Prion
added 2019/04/22 4:29 p.m. | 17 views

Design/Logic Flaw

The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem...

CVSS 5.8 | AI score 6.9 | EPSS 0.00601
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2019/04/22 3:35 p.m. | 24 views

CVE-2011-3151 SELinux initscript misuse of touch

The Ubuntu SELinux initscript before version 1:0.10 used touch to create a lockfile in a world-writable directory. If the OS kernel does not have symlink protections then an attacker can cause a zero byte file to be allocated on any writable filesystem...

CVSS 5.2 | AI score 5.5 | EPSS 0.00601
Exploits: 0 | References: 1
OSV
added 2019/04/17 3:29 p.m. | 4 views

CVE-2019-8453

Some of the DLLs loaded by Check Point ZoneAlarm up to 15.4.062 are taken from directories where all users have write permissions. This can allow a local attacker to replace a DLL file with a malicious one and cause Denial of Service to the client...

CVSS 5.5 | AI score 6
Exploits: 0 | References: 2
Tenable Nessus
added 2019/04/16 12:0 a.m. | 35 views

Samba 4.9.x < 4.9.6 / 4.10.0 < 4.10.2 World-Writable Files Vulnerability (CVE-2019-3870)

The version of Samba running on the remote host is 4.9.x prior to 4.9.6 or 4.10.0 prior to 4.10.2. It is, therefore, potentially affected by a world writable files vulnerability. An authenticated, local attacker can exploit this issue to read and update files in the private/ directory. Note that Nessus ha...

CVSS 6.1 | AI score 7 | EPSS 0.00552
Exploits: 1 | References: 3
OSV
added 2019/04/09 4:29 p.m. | 5 views

AZL-45057 CVE-2019-3870 affecting package samba for versions less than 4.18.3-1

A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner root only access. However in some...

CVSS 6.1 | AI score 6.6 | EPSS 0.00552
Exploits: 1 | References: 1
OSV
added 2019/04/09 4:29 p.m. | 2 views

DEBIAN-CVE-2019-3870

A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner root only access. However in some...

CVSS 6.1 | AI score 6.7 | EPSS 0.00552
Exploits: 1 | References: 1
Prion
added 2019/04/09 4:29 p.m. | 20 views

Design/Logic Flaw

A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner root only access. However in some...

CVSS 3.6 | AI score 6 | EPSS 0.00552
Exploits: 1 | References: 7 | Affected Software: 5
CVE
added 2019/04/09 3:17 p.m. | 118 views

CVE-2019-3870

CVE-2019-3870 affects Samba 4.9 (inclusive) through 4.9.5, and 4.10.x up to 4.10.2. During new Samba AD DC creation, a private install subdirectory (often 0700) may be left with looser permissions (e.g., 0755) after upgrades. Within this directory, files are created with mode 0666, making sensiti...

CVSS 6.1 | AI score 6.1 | EPSS 0.00552
Exploits: 1 | References: 7 | Affected Software: 1
Cvelist
added 2019/04/09 3:17 p.m. | 30 views

CVE-2019-3870

A vulnerability was found in Samba from version including 4.9 to versions before 4.9.6 and 4.10.2. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner root only access. However in some...

CVSS 6.1 | AI score 6 | EPSS 0.00552
Exploits: 1 | References: 7
RedhatCVE
added 2019/04/09 4:24 a.m. | 34 views

CVE-2019-3870

A vulnerability was found in Samba versions 4.9 and later. During the creation of a new Samba AD DC, files are created in a private subdirectory of the install location. This directory is typically mode 0700, that is owner root only access. However in some upgraded installations it will have othe...

CVSS 6.1 | AI score 2.3 | EPSS 0.00552
Exploits: 1 | References: 5