17 matches found

OSV
added 2026/04/22 6:31 p.m. | 6 views

GHSA-W8M4-4V35-V6X3 uutils coreutils allows unauthorized modification of permissions on existing files

A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target path, it fails to terminate the operation for that path and continues to execute a follow-up...

CVSS 7.1 | AI score 5.9 | EPSS 0.00165
Exploits 1 | References 3

CNNVD
added 2025/01/28 12:0 a.m. | 5 views

Apache Hive Security Vulnerability

Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. An...

CVSS 5.5 | AI score 6.5 | EPSS 0.00274
Exploits 0 | References 5

Tenable Nessus
added 2024/06/24 12:0 a.m. | 23 views

Amazon Linux 2023 : ansible-core, ansible-test (ALAS2023-2024-644)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-644 advisory. Jinja is an extensible templating engine. The xmlattr filter in affected versions of Jinja accepts keys containing non-attribute characters. XML/HTML attributes cannot contain spaces, /, , or =, as each...

CVSS 6.1 | AI score 7.1 | EPSS 0.00979
Exploits 0 | References 4

Snyk
added 2024/05/27 4:40 p.m. | 3 views

Improper Access Control

Overview kaminari is a Scope & Engine based, clean, powerful, agnostic, customizable and sophisticated paginator for Rails 4+. Affected versions of this package are vulnerable to Improper Access Control due to improper handling of file permissions. An attacker can modify application behavior or...

CVSS 6.6 | AI score 6.6 | EPSS 0.006
Exploits 0 | References 2

Positive Technologies
added 2024/05/27 12:0 a.m. | 8 views

PT-2024-25025 · Kaminari · Kaminari

Name of the Vulnerable Software and Affected Versions: Kaminari versions prior to 0.16.2 Description: A security issue involving insecure file permissions has been identified in the Kaminari pagination library for Ruby on Rails. This issue is of moderate severity due to the potential for...

CVSS 6.6 | AI score 7 | EPSS 0.006
Exploits 0 | References 10

Positive Technologies
added 2024/03/20 12:0 a.m. | 3 views

PT-2025-2399 · Hive · Hive

Name of the Vulnerable Software and Affected Versions: Hive versions prior to 4.0.1 Description: The issue arises when Hive creates a credentials file in a temporary directory with default permissions of 644, allowing any unauthorized user with access to the directory to read sensitive informatio...

CVSS 5.5 | AI score 7.6 | EPSS 0.00274
Exploits 0 | References 20

NVD
added 2021/06/01 1:15 p.m. | 25 views

CVE-2021-23021

The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf is world readable with current permission bits set to 644...

CVSS 5.5 | EPSS 0.00229
Exploits 0 | References 1

OSV
added 2021/06/01 1:15 p.m. | 4 views

CVE-2021-23021

The Nginx Controller 3.x before 3.7.0 agent configuration file /etc/controller-agent/agent.conf is world readable with current permission bits set to 644...

CVSS 5.5 | AI score 5.8 | EPSS 0.00229
Exploits 0 | References 1

0day.today
added 2020/04/21 12:0 a.m. | 333 views

Windows/x86 - MSVCRT System + Add RDP Admin + Disable Firewall + Enable RDP Shellcode (644 Bytes)

644 bytes small Microsoft Windows x86 shellcode that disables the Windows firewall, adds the user MajinBuu with password TurnU2C@ndy!! to the system, adds the user MajinBuu to the local groups Administrators and Remote Desktop Users, and then enables the RDP Service. Exploit Title: Windows/x86 -...

AI score 7
Exploits 0

Tenable Nessus
added 2016/10/05 12:0 a.m. | 46 views

Debian DLA-644-1 : libav security update

Multiple vulnerabilities have been found in libav: CVE-2015-1872 The ff_mjpeg_decode_sof function in libavcodec/mjpegdec.c in Libav before 0.8.18 does not validate the number of components in a JPEG-LS Start Of Frame segment, which allows remote attackers to cause a denial of service out-of-bounds...

CVSS 6.8 | AI score 6.9 | EPSS 0.02125
Exploits 0 | References 5

Vulnerability Lab
added 2013/01/23 12:0 a.m. | 49 views

Paypal Bug Bounty #8 - CSRF DEV Web Vulnerability

Document Title: =============== Paypal Bug Bounty 8 - CSRF DEV Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=644 Paypal UID: ydw159yyb Release Date: ============= 2013-01-23 Vulnerability Laboratory ID VL-ID:...

AI score 7.1
Exploits 0

Vulnerability Lab
added 2013/01/23 12:0 a.m. | 19 views

Paypal Bug Bounty #8 - CSRF DEV Web Vulnerability

Document Title: =============== Paypal Bug Bounty 8 - CSRF DEV Web Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=644 Paypal UID: ydw159yyb Release Date: ============= 2013-01-23 Vulnerability Laboratory ID VL-ID:...

AI score 0.1
Exploits 0

Oracle linux
added 2012/06/13 12:0 a.m. | 60 views

java-1.6.0-openjdk security update

1:1.6.0.0-1.48.1.11.3 - Access gnome bridge jar is forced to have 644 permissions - Resolves: rhbz828751 1:1.6.0.0-1.47.1.11.3 - Modified patch3, java-1.6.0-openjdk-java-access-bridge-security.patch: - com.sun.org.apache.xerces.internal.utils.,com.sun.org.apache.xalan.internal.utils. - packages...

CVSS 10 | AI score 2.1 | EPSS 0.93688
Exploits 9

Tenable Nessus
added 2009/08/12 12:0 a.m. | 26 views

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : libxml2 vulnerabilities (USN-815-1)

It was discovered that libxml2 did not correctly handle root XML document element DTD definitions. If a user were tricked into processing a specially crafted XML document, a remote attacker could cause the application linked against libxml2 to crash, leading to a denial of service. CVE-2009-2414 ...

CVSS 10 | AI score 6.8 | EPSS 0.23373
Exploits 11 | References 4

OpenVAS
added 2009/03/23 12:0 a.m. | 21 views

Ubuntu: Security Advisory (USN-644-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 10 | AI score 6.8 | EPSS 0.23373
Exploits 10 | References 2

OpenVAS
added 2009/02/27 12:0 a.m. | 41 views

Fedora Update for cups FEDORA-2007-644

Check for the Version of cups OpenVAS Vulnerability Test Fedora Update for cups FEDORA-2007-644 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

CVSS 6.8 | AI score 9 | EPSS 0.08565
Exploits 0 | References 2

OpenVAS
added 2008/01/17 12:0 a.m. | 16 views

Debian Security Advisory DSA 644-1 (chbg)

The remote host is missing an update to chbg announced via advisory DSA 644-1. OpenVAS Vulnerability Test $Id: deb6441.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 644-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...

CVSS 10 | AI score 0.5 | EPSS 0.09107
Exploits 1