Max CVSS | 7.2 | Min CVSS | 1.9 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2012-5660 | 6.9 |
abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a symlink attack on "the directories used to store inform
|
13-02-2023 - 04:37 | 12-03-2013 - 23:55 | |
CVE-2015-5302 | 5.0 |
libreport 2.0.7 before 2.6.3 only saves changes to the first file when editing a crash report, which allows remote attackers to obtain sensitive information via unspecified vectors related to the (1) backtrace, (2) cmdline, (3) environ, (4) open_fds,
|
13-02-2023 - 00:53 | 07-12-2015 - 18:59 | |
CVE-2019-8324 | 6.8 |
An issue was discovered in RubyGems 2.6 and later through 3.0.2. A crafted gem with a multi-line name is not handled correctly. Therefore, an attacker could inject arbitrary code to the stub line of gemspec, which is eval-ed by code in ensure_loadabl
|
24-08-2020 - 17:37 | 17-06-2019 - 19:15 | |
CVE-2019-8325 | 5.0 |
An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.)
|
19-08-2020 - 19:01 | 17-06-2019 - 19:15 | |
CVE-2015-3315 | 7.2 |
Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2) /tmp/jvm-*/hs_error.log, (3) /proc/*/exe, (4) /etc/os-r
|
19-02-2018 - 02:29 | 26-06-2017 - 15:29 | |
CVE-2012-1106 | 1.9 |
The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl fs.suid_dumpable option is set to 2, which allows local
|
29-08-2017 - 01:31 | 03-07-2012 - 16:40 |