Skip to main content
CVE-2014-3038 LOW Monitor

IBM SPSS Modeler 16.0 before 16.0.0.1 on UNIX does not properly drop group privileges, which allows local users to bypass intended file-access restrictions by leveraging (1) gid 0 or (2) root's group. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. No vendor patch available.

IBM Privilege Escalation Spss Modeler
NVD
CVSS 2.0
3.6
EPSS
0.1%
CVE-2014-3981 LOW PATCH Monitor

acinclude.m4, as used in the configure script in PHP 5.5.13 and earlier, allows local users to overwrite arbitrary files via a symlink attack on the /tmp/phpglibccheck file. Rated low severity (CVSS 3.3).

PHP Information Disclosure
NVD
CVSS 2.0
3.3
EPSS
0.3%
CVE-2014-3986 LOW Monitor

include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Lynis
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2014-3982 LOW PATCH Monitor

include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file. Rated low severity (CVSS 3.3).

Information Disclosure Lynis
NVD
CVSS 2.0
3.3
EPSS
0.1%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy