Vulnerabilities > Cisofy > Lynis > 1.5.2

DATE CVE VULNERABILITY TITLE RISK
2020-06-18 CVE-2020-13882 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products
CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition.
local
high complexity
cisofy fedoraproject CWE-367
4.2
4.2
2017-06-08 CVE-2017-8108 Link Following vulnerability in Cisofy Lynis
Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file.
local
low complexity
cisofy CWE-59
7.8
7.8
2014-06-08 CVE-2014-3986 Link Following vulnerability in Cisofy Lynis
include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.*.unsorted file with an easily determined name.
local
cisofy CWE-59
3.3
3.3
2014-06-08 CVE-2014-3982 Link Following vulnerability in Cisofy Lynis
include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a /tmp/lynis.##### file.
local
cisofy CWE-59
3.3
3.3