Skip to main content

Lynis

4 CVEs product

Monthly

CVE-2020-13882 MEDIUM This Month

CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. Rated medium severity (CVSS 4.2). No vendor patch available.

Authentication Bypass Lynis Fedora
NVD
CVSS 3.1
4.2
EPSS
0.3%
CVE-2017-8108 HIGH This Week

Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Lynis
NVD GitHub
CVSS 3.0
7.8
EPSS
0.1%
CVE-2014-3986 LOW Monitor

include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Lynis
NVD
CVSS 2.0
3.3
EPSS
0.1%
CVE-2014-3982 LOW PATCH Monitor

include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file. Rated low severity (CVSS 3.3).

Information Disclosure Lynis
NVD
CVSS 2.0
3.3
EPSS
0.1%
EPSS 0% CVSS 4.2
MEDIUM This Month

CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. Rated medium severity (CVSS 4.2). No vendor patch available.

Authentication Bypass Lynis Fedora
NVD
EPSS 0% CVSS 7.8
HIGH This Week

Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Lynis
NVD GitHub
EPSS 0% CVSS 3.3
LOW Monitor

include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name. Rated low severity (CVSS 3.3). No vendor patch available.

Information Disclosure Lynis
NVD
EPSS 0% CVSS 3.3
LOW PATCH Monitor

include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file. Rated low severity (CVSS 3.3).

Information Disclosure Lynis
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy