Vulnerabilities > Cisofy
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-18 | CVE-2020-13882 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. | 4.2 |
2020-06-18 | CVE-2019-13033 | Information Exposure vulnerability in multiple products In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed. | 3.3 |
2017-06-08 | CVE-2017-8108 | Link Following vulnerability in Cisofy Lynis Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. | 7.8 |
2014-06-08 | CVE-2014-3986 | Link Following vulnerability in Cisofy Lynis include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name. | 3.3 |
2014-06-08 | CVE-2014-3982 | Link Following vulnerability in Cisofy Lynis include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file. | 3.3 |