Количество 14
Количество 14
CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly).
CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly).
CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly).
CVE-2023-30630
CVE-2023-30630
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This ...
SUSE-SU-2023:2215-1
Security update for dmidecode
SUSE-SU-2023:2044-1
Security update for dmidecode
SUSE-SU-2023:1947-1
Security update for dmidecode
RLSA-2023:5061
Moderate: dmidecode security update
GHSA-9r2p-xmm5-5ppg
Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible.
ELSA-2023-5252
ELSA-2023-5252: dmidecode security update (MODERATE)
ELSA-2023-5061
ELSA-2023-5061: dmidecode security update (MODERATE)
BDU:2023-07470
Уязвимость утилиты dmidecode операционной системы Linux, позволяющая нарушителю повысить свои привилегий
ROS-20250303-03
Уязвимость dmidecode
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-30630 Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly). | CVSS3: 7.1 | 0% Низкий | почти 3 года назад |
 | CVE-2023-30630 Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly). | CVSS3: 7.1 | 0% Низкий | почти 3 года назад |
 | CVE-2023-30630 Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed patch prevents dmidecode from writing to an existing file. However, there are multiple attack vectors that would not require overwriting an existing file that would provide the same level of unauthorized privilege escalation (e.g. creating a new file in /etc/cron.hourly). | CVSS3: 7.1 | 0% Низкий | почти 3 года назад |
 | CVSS3: 7.1 | 0% Низкий | почти 3 года назад | |
| CVE-2023-30630 Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This ... | CVSS3: 7.1 | 0% Низкий | почти 3 года назад |
 | SUSE-SU-2023:2215-1 Security update for dmidecode | 0% Низкий | больше 2 лет назад | |
| SUSE-SU-2023:2044-1 Security update for dmidecode | 0% Низкий | почти 3 года назад | |
| SUSE-SU-2023:1947-1 Security update for dmidecode | 0% Низкий | почти 3 года назад | |
 | RLSA-2023:5061 Moderate: dmidecode security update | 0% Низкий | больше 2 лет назад | |
| GHSA-9r2p-xmm5-5ppg Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. | CVSS3: 7.8 | 0% Низкий | почти 3 года назад |
| ELSA-2023-5252 ELSA-2023-5252: dmidecode security update (MODERATE) | больше 2 лет назад | ||
| ELSA-2023-5061 ELSA-2023-5061: dmidecode security update (MODERATE) | больше 2 лет назад | ||
 | BDU:2023-07470 Уязвимость утилиты dmidecode операционной системы Linux, позволяющая нарушителю повысить свои привилегий | CVSS3: 7.1 | 0% Низкий | почти 3 года назад |
 | ROS-20250303-03 Уязвимость dmidecode | CVSS3: 7.1 | 0% Низкий | 11 месяцев назад |
Уязвимостей на страницу