Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Nano Security Vulnerabilities - November

cve
cve

CVE-2010-1160

GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim.

6AI Score

0.0004EPSS

2010-04-16 07:30 PM
32
cve
cve

CVE-2010-1161

Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files.

6.1AI Score

0.0004EPSS

2010-04-16 07:30 PM
28
cve
cve

CVE-2024-5742

A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges ...

6.7CVSS

5.1AI Score

0.0004EPSS

2024-06-12 09:15 AM
38