Lucene search
K

20 matches found

NVD
NVD
added 2026/04/22 8:16 a.m.6 views

CVE-2026-6842

A flaw was found in nano. In environments with permissive umask settings, a local attacker can exploit incorrect directory permissions 0777 instead of 0700 for the /.local directory. This allows the attacker to inject a malicious .desktop launcher, which could lead to unintended actions or...

2.5CVSS0.00085EPSS
Exploits0References2
NVD
NVD
added 2026/03/05 3:15 a.m.8 views

CVE-2026-29127

The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...

9.2CVSS0.00169EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/09/17 12:0 a.m.3 views

PT-2025-38260

Name of the Vulnerable Software and Affected Versions Dragonfly versions prior to 2.1.0 Description Dragonfly2 uses the os.MkdirAll function to create directory paths with specific access permissions. This function does not perform permission checks if a directory path already exists, allowing a...

9.9CVSS8.9AI score0.02829EPSS
Exploits11References45
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.5 views

SUSE CVE-2009-3897

Dovecot 1.2.x before 1.2.8 sets 0777 permissions during creation of certain directories at installation time, which allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the basedir directory, and possibly the basedir directory...

5.5CVSS6.8AI score0.00375EPSS
Exploits0References4
OSV
OSV
added 2022/05/24 4:53 p.m.7 views

GHSA-2VP2-8M5J-4RJX cnlh nps vulnerable to file overwrite by local user

lib/install/install.go in cnlh nps prior to 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user...

5.5CVSS5.3AI score0.00955EPSS
Exploits1References4
OSV
OSV
added 2021/02/10 7:15 p.m.1 views

CVE-2021-27142

An issue was discovered on FiberHome HG6245D devices through RP2613. The web management is done over HTTPS, using a hardcoded private key that has 0777 permissions...

7.5CVSS7.1AI score
Exploits0References1
NVD
NVD
added 2021/02/10 7:15 p.m.18 views

CVE-2021-27142

An issue was discovered on FiberHome HG6245D devices through RP2613. The web management is done over HTTPS, using a hardcoded private key that has 0777 permissions...

7.5CVSS0.15745EPSS
Exploits1References1
Prion
Prion
added 2021/02/10 7:15 p.m.22 views

Hardcoded credentials

An issue was discovered on FiberHome HG6245D devices through RP2613. The web management is done over HTTPS, using a hardcoded private key that has 0777 permissions...

5CVSS7.6AI score0.15745EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2019/10/09 4:15 p.m.17 views

CVE-2019-17383

The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem...

9.8CVSS9.5AI score0.02287EPSS
Exploits0References2
OSV
OSV
added 2017/04/13 2:59 p.m.2 views

DEBIAN-CVE-2016-10120

Firejail uses 0777 permissions when mounting 1 /dev, 2 /dev/shm, 3 /var/tmp, or 4 /var/lock, which allows local users to gain privileges...

7.8CVSS6.9AI score0.00394EPSS
Exploits0References1
OSV
OSV
added 2017/04/13 2:59 p.m.4 views

UBUNTU-CVE-2016-10120

Firejail uses 0777 permissions when mounting 1 /dev, 2 /dev/shm, 3 /var/tmp, or 4 /var/lock, which allows local users to gain privileges...

7.8CVSS7.1AI score0.00394EPSS
Exploits0References4
Prion
Prion
added 2017/04/13 2:59 p.m.13 views

Code injection

Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges...

7.2CVSS7AI score0.00394EPSS
Exploits0References2
CVE
CVE
added 2017/04/13 2:0 p.m.48 views

CVE-2016-10119

Firejail is affected by CVE-2016-10119: the vulnerability arises from Firejail mounting /tmp with 0777 permissions, enabling local privilege escalation. Affected component: Firejail; root cause: incorrect permissions on /tmp during mount. Impact: local users could gain privileges (as described). ...

7.8CVSS7.6AI score0.00394EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/04/13 2:0 p.m.21 views

CVE-2016-10120

Firejail uses 0777 permissions when mounting 1 /dev, 2 /dev/shm, 3 /var/tmp, or 4 /var/lock, which allows local users to gain privileges...

7.7AI score0.00394EPSS
Exploits0References2
Cvelist
Cvelist
added 2017/04/13 2:0 p.m.19 views

CVE-2016-10119

Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges...

7.7AI score0.00394EPSS
Exploits0References2
OSV
OSV
added 2013/11/23 11:55 a.m.2 views

UBUNTU-CVE-2013-1813

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors...

7.2CVSS6AI score0.00623EPSS
Exploits5References3
CVE
CVE
added 2013/11/23 11:0 a.m.532 views

CVE-2013-1813

CVE-2013-1813 affects BusyBox where util-linux/mdev.c creates intermediate /dev/ directories with 0777 permissions when nesting (/dev/dir1/dir2/...), allowing local users to exploit the improper permission handling. The linked Nessus/OpenVAS entries (e.g., MiracleLinux AXSA advisory referencing B...

7.2CVSS8.6AI score0.00623EPSS
Exploits5References10Affected Software1
RedHat Linux
RedHat Linux
added 2013/11/20 4:49 p.m.3 views

busybox: insecure directory permissions in /dev

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors...

7.2CVSS6.1AI score0.00623EPSS
Exploits5References4
RedHat Linux
RedHat Linux
added 2011/02/22 5:43 p.m.8 views

Server: insecure pid file directory permissions

The setup scripts in 389 Directory Server 1.2.x aka Red Hat Directory Server 8.2.x, when multiple unprivileged instances are configured, use 0777 permissions for the /var/run/dirsrv directory, which allows local users to cause a denial of service daemon outage or arbitrary process termination by...

4.7CVSS5.9AI score0.00294EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2009/11/24 12:0 a.m.4 views

PT-2009-6119 · Dovecot · Dovecot

Name of the Vulnerable Software and Affected Versions: Dovecot versions 1.2.x through 1.2.7 Description: The issue allows local users to access arbitrary user accounts by replacing the auth socket, related to the parent directories of the base dir directory, and possibly the base dir directory...

5.5CVSS5.3AI score0.00375EPSS
Exploits0References16
Rows per page
Query Builder