Skip to main content

Automatic Bug Reporting Tool

8 CVEs product

Monthly

CVE-2015-3315 HIGH POC PATCH Act Now

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Automatic Bug Reporting Tool
NVD GitHub Exploit-DB
CVSS 3.0
7.8
EPSS
5.3%
CVE-2015-3142 MEDIUM This Month

The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Automatic Bug Reporting Tool
NVD
CVSS 3.0
4.7
EPSS
0.1%
CVE-2015-1870 MEDIUM PATCH This Month

The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Automatic Bug Reporting Tool
NVD GitHub
CVSS 3.0
5.5
EPSS
0.1%
CVE-2015-5287 MEDIUM POC THREAT This Month

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 12.9%.

Information Disclosure Automatic Bug Reporting Tool Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server +1
NVD GitHub Exploit-DB
CVSS 2.0
6.9
EPSS
12.9%
CVE-2015-5273 LOW POC Monitor

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Automatic Bug Reporting Tool Enterprise Linux Desktop Enterprise Linux Hpc Node Enterprise Linux Server +1
NVD GitHub Exploit-DB
CVSS 2.0
3.6
EPSS
0.3%
CVE-2012-5660 MEDIUM POC This Month

abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Privilege Escalation Automatic Bug Reporting Tool
NVD
CVSS 2.0
6.9
EPSS
0.0%
CVE-2012-5659 LOW POC Monitor

Untrusted search path vulnerability in plugins/abrt-action-install-debuginfo-to-abrt-cache.c in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to load and execute arbitrary. Rated low severity (CVSS 3.7). Public exploit code available and no vendor patch available.

Python Information Disclosure Automatic Bug Reporting Tool
NVD
CVSS 2.0
3.7
EPSS
0.1%
CVE-2012-1106 LOW POC Monitor

The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl. Rated low severity (CVSS 1.9). Public exploit code available and no vendor patch available.

Privilege Escalation Automatic Bug Reporting Tool
NVD
CVSS 2.0
1.9
EPSS
0.0%
EPSS 5% CVSS 7.8
HIGH POC PATCH Act Now

Automatic Bug Reporting Tool (ABRT) allows local users to read, change the ownership of, or have other unspecified impact on arbitrary files via a symlink attack on (1) /var/tmp/abrt/*/maps, (2). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. Public exploit code available.

Information Disclosure Automatic Bug Reporting Tool
NVD GitHub Exploit-DB
EPSS 0% CVSS 4.7
MEDIUM This Month

The kernel-invoked coredump processor in Automatic Bug Reporting Tool (ABRT) does not properly check the ownership of files before writing core dumps to them, which allows local users to obtain. Rated medium severity (CVSS 4.7). No vendor patch available.

Information Disclosure Automatic Bug Reporting Tool
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

The event scripts in Automatic Bug Reporting Tool (ABRT) uses world-readable permission on a copy of sosreport file in problem directories, which allows local users to obtain sensitive information. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Automatic Bug Reporting Tool
NVD GitHub
EPSS 13% CVSS 6.9
MEDIUM POC THREAT This Month

The abrt-hook-ccpp help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users with certain permissions to gain privileges via a symlink attack on a file with a predictable. Rated medium severity (CVSS 6.9). Public exploit code available and EPSS exploitation probability 12.9%.

Information Disclosure Automatic Bug Reporting Tool Enterprise Linux Desktop +3
NVD GitHub Exploit-DB
EPSS 0% CVSS 3.6
LOW POC Monitor

The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) before 2.7.1 allows local users to write to arbitrary files via a symlink attack on unpacked.cpio. Rated low severity (CVSS 3.6), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Automatic Bug Reporting Tool Enterprise Linux Desktop +3
NVD GitHub Exploit-DB
EPSS 0% CVSS 6.9
MEDIUM POC This Month

abrt-action-install-debuginfo in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to set world-writable permissions for arbitrary files and possibly gain privileges via a. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

Privilege Escalation Automatic Bug Reporting Tool
NVD
EPSS 0% CVSS 3.7
LOW POC Monitor

Untrusted search path vulnerability in plugins/abrt-action-install-debuginfo-to-abrt-cache.c in Automatic Bug Reporting Tool (ABRT) 2.0.9 and earlier allows local users to load and execute arbitrary. Rated low severity (CVSS 3.7). Public exploit code available and no vendor patch available.

Python Information Disclosure Automatic Bug Reporting Tool
NVD
EPSS 0% CVSS 1.9
LOW POC Monitor

The C handler plug-in in Automatic Bug Reporting Tool (ABRT), possibly 2.0.8 and earlier, does not properly set the group (GID) permissions on core dump files for setuid programs when the sysctl. Rated low severity (CVSS 1.9). Public exploit code available and no vendor patch available.

Privilege Escalation Automatic Bug Reporting Tool
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy