281 matches found
CLSA-2026-1776941944 tigervnc: Fix of CVE-2026-34352
CVE-2026-34352: fix world-accessible SHM segment in x0vncserver by changing shmget mode from 0777 to 0600 in ShmImage::Init...
CVE-2026-6842
A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...
CVE-2026-29127
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...
EUVD-2026-9523
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...
CVE-2026-29127
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...
CVE-2026-29127
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...
CVE-2026-29127 Incorrect Permission Assignment(777) on `monitor` Users Home Directory Containing SUID Root Binaries in IDC SFX2100
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...
PT-2026-23128
Name of the Vulnerable Software and Affected Versions IDC SFX2100 versions affected versions not specified Description The IDC SFX2100 Satellite Receiver has overly permissive file system permissions set on the monitor user's home directory. The directory is configured with permissions 0777,...
CVE-2026-0777
creationtimestamp| type| source ---|---|--- 2026-02-06 05:00:00+00:00| seen| http://www.zerodayinitiative.com/advisories/ZDI-26-069/ 2026-02-21 00:17:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mfddvwhury2s 2026-02-21 00:20:36+00:00| seen|...
GHSA-8425-8R2F-MRV6 Dragonfly's directories created via os.MkdirAll are not checked for permissions
Impact DragonFly2 uses the os.MkdirAll function to create certain directory paths with specific access permissions. This function does not perform any permission checks when a given directory path already exists. This allows a local attacker to create a directory to be used later by DragonFly2 wi...
PT-2025-38260
Name of the Vulnerable Software and Affected Versions Dragonfly versions prior to 2.1.0 Description Dragonfly2 uses the os.MkdirAll function to create directory paths with specific access permissions. This function does not perform permission checks if a directory path already exists, allowing a...
Linux Distros Unpatched Vulnerability : CVE-2019-17383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem...
TencentOS Server 3: python27:2.7 (TSSA-2024:0777)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0777 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...
CVE-2020-0777
An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866,...
CVE-2008-0777
The sendfile system call in FreeBSD 5.5 through 7.0 does not check the access flags of the file descriptor used for sending a file, which allows local users to read the contents of write-only files...
CVE-2023-0777
creationtimestamp| type| source ---|---|--- 2025-03-24 16:22:51+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8462...
Siemens SCALANCE X-200RNA Switch Devices Exposure of Sensitive Information to an Unauthorized Actor (CVE-2016-0777)
The resendbytes function in roamingcommon.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key. This plugin only works with...
World Writable Directory in /var/log/below Allows Local Privilege Escalation
Below is a tool for recording and displaying system data like hardware utilization and cgroup information on Linux. Symlink Attack in /var/log/below/errorroot.log Below's systemd service runs with full root privileges. It attempts to create a world-writable directory in /var/log/below. Even if th...
CVE-2022-0777
Weak Password Recovery Mechanism for Forgotten Password in GitHub repository microweber/microweber prior to 1.3...
RHEL 8 : OpenShift Container Platform 4.9.56 (RHSA-2023:0777)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0777 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or privat...