Every CVE whose affected-product data names Cisofy Lynis, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2017-8108 — CVSS 7.8 (high): Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a…
CVE-2020-13882 — CVSS 4.2 (medium): CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file…
CVE-2014-3982 — CVSS 3.3 (low): include/tests_webservers in Lynis before 1.5.5 on AIX allows local users to overwrite arbitrary files via a symlink attack on a…
CVE-2014-3986 — CVSS 3.3 (low): include/tests_webservers in Lynis before 1.5.5 allows local users to overwrite arbitrary files via a symlink attack on a…
CVE-2019-13033 — CVSS 3.3 (low): In CISOfy Lynis 2.x through 2.7.5, the license key can be obtained by looking at the process list when a data upload is being performed…