Filter
-Infinity
0
Trending
openSUSEobs-service-go_modules: arbitrary directory delete
5.5
First published (updated )
openSUSEsendmail: mail to root privilege escalation via sm-client.pre script
7.8
First published (updated )
openSUSEslurm: %post for slurm-testsuite operates as root in user owned directory
6.5
First published (updated )
Cannacanna: unsafe handling of /tmp/.iroha_unix directory
5.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSEsuddoers configuration for cscreen not restrictive enough
5.3
First published (updated )
openSUSEcscreen: usage of fixed path /tmp/cscreen.debug
6.1
First published (updated )
CentOS Grub2-pc-modulesgrub2-once uses fixed file name in /var/tmp
5.1
First published (updated )
openSUSEparsec: dangerous 777 permissions for /run/parsec
5.9
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
RubyCGI::Cookie.parse in Ruby through 2.6.8 mishandles security prefixes in cookie names. This also affe…
7.5
First published (updated )
RubyDate.parse in the date gem through 3.2.0 for Ruby allows ReDoS (regular expression Denial of Service…
7.5
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SUSE Linux Enterprise Serverclone-master-clean-up: dangerous file system operations
7.1
First published (updated )
arpwatcharpwatch: Local privilege escalation from runtime user to root
7.8
First published (updated )
HyperKittypython-HyperKitty: hyperkitty-permissions.sh used during %post allows local privilege escalation from hyperkitty user to root
7.8
First published (updated )
Postoriuspython-postorius: postorius-permissions.sh used during %post allows local privilege escalation from postorius user to root
7.8
First published (updated )
CUPS librariescups: ownership of /var/log/cups allows the lp user to create files as root
3.3
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
openSUSEvirtualbox: missing sticky bit for /etc/vbox allows local root exploit for members of vboxusers group
7.8
First published (updated )
redhat/grub2GRUB2 contains a race condition leading to a use-after-free vulnerability which can be triggered by redefining a function whilst the same function is already executing.
6.4
First published (updated )
openSUSEosc: stores downloaded (supposed) RPM in network-controlled filesystem paths
9.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
SUSE OBS Service - Tar SCMobs-service-extract_file's outfilename parameter allows to write files outside of package directory
7.5
First published (updated )
PrivoxyLocal privilege escalation from user privoxy to root
7.8
First published (updated )
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.