AXIS OS 安全漏洞

AXIS OS is an edge device operating system from Swedish company Axis AXIS. AXIS OS has a security vulnerability that stems from improper configuration file permissions and insufficient input validation, which could lead to elevated privileges...

Progress Flowmon 安全漏洞

Progress Flowmon is a real-time network traffic monitoring tool from Progress. A security vulnerability exists in versions of Progress Flowmon prior to 12.5.6, which stems from improperly set permissions in the system configuration file, which could result in elevated privileges...

EUVD-2019-11899

Malware in sbrugna...

EUVD-2000-1133

Malware in sbrugna...

EUVD-2005-0625

Malware in sbrugna...

CVE-2022-20732

A vulnerability in the configuration file protections of Cisco Virtualized Infrastructure Manager VIM could allow an authenticated, local attacker to access confidential information and elevate privileges on an affected device. This vulnerability is due to improper access permissions for certain...

CVE-2021-4104

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in...

Wowza Media Systems Streaming Engine 权限许可和访问控制问题漏洞

Wowza Media Systems Streaming Engine is a suite of streaming media server software from Wowza Media Systems in the United States. A privilege-granting and access-control issue vulnerability exists in Wowza Media Systems Streaming Engine 4.8.5 and earlier versions, which stems from a file-permissi...

The vulnerability of the /usr/lib/tmpfiles.d/tomcat.conf component of the Tomcat package on the SUSE Linux Enterprise operating system allows a hacker to gain increased privileges.

The vulnerability of the /usr/lib/tmpfiles.d/tomcat.conf component of the Tomcat package in the SUSE Linux Enterprise operating system is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to increase their privileges...

Wing FTP Server Local Elevation of Privilege Vulnerability

Wing FTP Server is an easy-to-use, secure and reliable FTP server software for Windows, Linux, Mac OS and Solaris. A local elevation of privilege vulnerability exists in Wing FTP Server 6.2.3. The vulnerability stems from Wing FTP Server setting insecure permissions on the installation directory...

CVE-2015-3201

Thermostat before 2.0.0 uses world-readable permissions for the web.xml configuration file, which allows local users to obtain user credentials by reading the file...

MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526]

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 MITKRB5-SA-2011-005 MIT krb5 Security Advisory 2011-005 Original release: 2011-07-05 Topic: FTP daemon fails to set effective group ID CVE-2011-1526 CVSSv2 Vector: AV:N/AC:L/Au:S/C:P/I:P/A:P/E:H/RL:O/RC:C CVSSv2 Base Score: 6.5 Access Vector: Network...

CVE-2011-1500

PreferencesPithosDialog.py in Pithos 0.3.7 does not properly restrict permissions for the .config/pithos.ini file in a user's home directory, which allows local users to obtain Pandora credentials by reading this file...

XWine WINE graphical interface multiple security vulnerabilities

Symbolic links problem on temporary files creation, weak configuration file permissions...

CVE-2000-1148

The installation of VolanoChatPro chat server sets world-readable permissions for its configuration file and stores the server administrator passwords in plaintext, which allows local users to gain privileges on the server...