In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by Bryan...
7.8CVSS
7.8AI Score
0.0004EPSS
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the shutdown function was identified. Reported by Jason...
7.5CVSS
8.7AI Score
0.001EPSS
An arbitrary code execution which results in privilege escalation was discovered in Helix Core versions prior to 2023.2. Reported by Jason...
9.8CVSS
9.9AI Score
0.001EPSS
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the commit function was identified. Reported by Jason...
7.5CVSS
8.7AI Score
0.001EPSS
In Helix Core versions prior to 2023.2, an unauthenticated remote Denial of Service (DoS) via the buffer was identified. Reported by Jason...
7.5CVSS
8.8AI Score
0.001EPSS
Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and...
6.7AI Score
0.0004EPSS
Helix GNOME Updater helix-update 0.5 and earlier allows local users to install arbitrary RPM packages by creating the /tmp/helix-install installation directory before root has begun installing...
6.9AI Score
0.0004EPSS
The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer...
6.8AI Score
0.0004EPSS