
CVSS: 3.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

tmpfiles.d/systemd.conf in systemd before 229 uses weak permissions for /var/log/journal/%m/system.journal, which allows local users to obtain sensitive information by reading the file.

• http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00044.html
• http://lists.opensuse.org/opensuse-updates/2016-05/msg00109.html
• http://www.openwall.com/lists/oss-security/2016/04/08/14
• http://www.openwall.com/lists/oss-security/2016/04/08/15
• https://bugzilla.suse.com/show_bug.cgi?id=972612
• https://github.com/systemd/systemd/commit/afae249efa4774c6676738ac5de6aeb4daf4889f

• CWE-264: Permissions, Privileges, and Access Controls

CVSS: 3.3 | EPSS: 0% | CPEs: 1 | EXPL: 0

tmpfiles.d/systemd.conf in systemd before 214 uses weak permissions for journal files under (1) /run/log/journal/%m and (2) /var/log/journal/%m, which allows local users to obtain sensitive information by reading these files.

• http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00044.html
• http://lists.opensuse.org/opensuse-updates/2016-05/msg00109.html
• http://www.openwall.com/lists/oss-security/2016/04/08/14
• http://www.openwall.com/lists/oss-security/2016/04/08/15
• https://bugzilla.suse.com/show_bug.cgi?id=972612

• CWE-264: Permissions, Privileges, and Access Controls

CVSS: 10.0 | EPSS: 67% | CPEs: 81 | EXPL: 0

Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX.

It was discovered that the RMI server implementation in the JMX component in OpenJDK did not restrict which classes can be deserialized when deserializing authentication credentials. A remote, unauthenticated attacker able to connect to a JMX port could possibly use this flaw to trigger deserialization flaws.

Oracle Java SE and JRockit contain an unspecified vulnerability that allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Management Extensions (JMX).

• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00006.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00009.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00012.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00021.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00022.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00026.html
• http://lists.opensuse.org/opensuse-security-announce/2016-05

• CWE-284: Improper Access Control

CVSS: 6.2 | EPSS: 1% | CPEs: 2 | EXPL: 0

Buffer overflow in the readextension function in gif2tiff.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (application crash) via a crafted GIF file.

• http://lists.opensuse.org/opensuse-updates/2016-04/msg00064.html
• http://lists.opensuse.org/opensuse-updates/2016-04/msg00075.html
• http://www.securitytracker.com/id/1035442
• https://access.redhat.com/errata/RHSA-2019:2053
• https://bugzilla.redhat.com/show_bug.cgi?id=1319503
• https://security.gentoo.org/glsa/201701-16
• https://usn.ubuntu.com/3606-1
• https://access.redhat.com/security/cve/CVE-2016-3186
• https://bugzilla.redhat.com/show_bug.cgi?id=1319666

• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
• CWE-121: Stack-based Buffer Overflow

CVSS: 5.5 | EPSS: 0% | CPEs: 2 | EXPL: 0

The quagga package before 0.99.23-2.6.1 in openSUSE and SUSE Linux Enterprise Server 11 SP 1 uses weak permissions for /etc/quagga, which allows local users to obtain sensitive information by reading files in the directory.

• http://lists.opensuse.org/opensuse-updates/2016-04/msg00040.html
• http://www.debian.org/security/2016/dsa-3654
• http://www.securityfocus.com/bid/87324
• https://bugzilla.suse.com/show_bug.cgi?id=770619

• CWE-264: Permissions, Privileges, and Access Controls