Lucene search
K

1758 matches found

NVD
NVD
added 4 days ago9 views

CVE-2026-21051

Incorrect default permissions in WLAN security prior to SMR Jul-2026 Release 1 allows local attackers to configure TencentWifiSecurity settings...

5.1CVSS0.00105EPSS
Exploits0References1
CVE
CVE
added 4 days ago7 views

CVE-2026-21051

Technical details about CVE-2026-21051 are not publicly available in the provided documents. Monitor for updates from Samsung security advisories and NVD for affected products and fixes.

5.1CVSS5.9AI score0.00105EPSS
Exploits0References1
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42821

Incorrect default permissions in WLAN security prior to SMR Jul-2026 Release 1 allows local attackers to configure TencentWifiSecurity settings...

5.1CVSS5.9AI score0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago33 views

CVE-2026-21051

Incorrect default permissions in WLAN security prior to SMR Jul-2026 Release 1 allows local attackers to configure TencentWifiSecurity settings...

5.1CVSS0.00105EPSS
Exploits0References1
NVD
NVD
added 6 days ago9 views

CVE-2026-57895

Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege...

8.5CVSS0.0011EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-57895

Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege...

8.5CVSS0.0011EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42166

Incorrect default permissions issue exists in Pupsman versions prior to 3.9.0. An attacker can place a malicious executable in the installation folder, which results in arbitrary code execution with SYSTEM privilege...

8.5CVSS6.5AI score0.0011EPSS
Exploits0References2
CVE
CVE
added 6 days ago15 views

CVE-2026-57895

Pupsman before 3.9.0 has an incorrect default-permissions issue that allows an attacker to drop a malicious executable into the installation folder, enabling arbitrary code execution with SYSTEM privileges. Affected software: Pupsman, versions prior to 3.9.0. Root cause: default permissions misco...

8.5CVSS7.6AI score0.0011EPSS
Exploits0References2
EUVD
EUVD
added 2026/07/06 9:53 p.m.5 views

EUVD-2026-24969

mkfifo: permissions of an existing file are changed after FIFO creation fails...

7.1CVSS5.9AI score0.00165EPSS
Exploits1References4
OSV
OSV
added 2026/07/02 8:32 p.m.4 views

GHSA-RXRH-4J9H-XGG9 Steeltoe: TLS private keys written to /tmp with default permissions, never deleted

Summary When MySQL or PostgreSQL service bindings from VCAPSERVICES include TLS client credentials, the Connectors library writes those credentials to temporary files in Path.GetTempPath using File.CreateText. On Linux, File.CreateText creates files with mode 0644 world-readable under the process...

4.7CVSS5.8AI score0.00065EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/26 4:21 p.m.9 views

CVE-2026-45407

Dokku is a docker-powered PaaS. Prior to 0.38.2, the git:auth command creates $DOKKUROOT/.netrc using bash's touch command, which applies the default umask of 0644. This pre-creation defeats the netrc binary's built-in 0600 permission setting, leaving git credentials readable by any local user wh...

5.5CVSS5.8AI score0.00089EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/24 12:0 a.m.5 views

PT-2026-52165

Name of the Vulnerable Software and Affected Versions Drupal Advanced Content Feedback versions 0.0.0 through 2.8.0 Description An incorrect authorization issue in the Advanced Content Feedback module allows forceful browsing. The module fails to sufficiently verify authorization over the targete...

6.1AI score0.00142EPSS
Exploits0References3
NVD
NVD
added 2026/06/22 2:16 p.m.12 views

CVE-2026-12602

Incorrect default permissions in ArubaSign, affecting versions prior to v4.6.6. The vulnerability is caused by the assignment of inappropriate permissions during the software’s default installation, whereby the main executable and other programme files located in C:\Program Files have excessive...

8.8CVSS0.00122EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/22 12:34 p.m.9 views

EUVD-2026-38230

Incorrect default permissions in ArubaSign, affecting versions prior to v4.6.6. The vulnerability is caused by the assignment of inappropriate permissions during the software’s default installation, whereby the main executable and other programme files located in C:\Program Files have excessive...

8.8CVSS6.3AI score0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/06/22 12:34 p.m.12 views

CVE-2026-12602

ArubaSign is affected by an elevation of privilege via insecure default permissions. Affected: ArubaSign versions prior to 4.6.6. Root cause: during default installation, main executable and other program files under C:\Program Files have excessively permissive rights for the Everyone group, enab...

8.8CVSS6.3AI score0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/22 12:34 p.m.30 views

CVE-2026-12602 Incorrect permissions in ArubaSign by Aruba

Incorrect default permissions in ArubaSign, affecting versions prior to v4.6.6. The vulnerability is caused by the assignment of inappropriate permissions during the software’s default installation, whereby the main executable and other programme files located in C:\Program Files have excessive...

8.8CVSS0.00122EPSS
Exploits0References1
NVD
NVD
added 2026/06/22 12:16 a.m.10 views

CVE-2026-12823

A security flaw has been discovered in Browserbase Skills up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the publ...

4.8CVSS0.00115EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/22 12:0 a.m.16 views

PT-2026-51300

Name of the Vulnerable Software and Affected Versions ArubaSign versions prior to 4.6.6 Description Incorrect default permissions are assigned during the installation of the software. The main executable and other program files located in "C:Program Files" have excessive permissions for the...

8.8CVSS6.2AI score0.00122EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/21 11:45 p.m.5 views

CVE-2026-12823 Browserbase Skills Autobrowse Trace Artifact default permission

A security flaw has been discovered in Browserbase Skills up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the publ...

4.8CVSS5.4AI score0.00115EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/21 11:45 p.m.7 views

CVE-2026-12823

A security flaw has been discovered in Browserbase Skills up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the publ...

4.8CVSS5.4AI score0.00115EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder