10 matches found
SUSE-SU-2026:1091-1 Security update for kea
This update for kea fixes the following issues: Update to release 2.6.3 bsc1243240: - CVE-2025-32801: Fixed loading a malicious hook library can lead to local privilege escalation. - CVE-2025-32802: Fixed insecure handling of file paths allows multiple local attacks. - CVE-2025-32803: Fixed...
Security Bulletin: File permission modification, improper access control, and other vulnerabilities might affect IBM Storage Defender - Resiliency Service
Summary IBM Storage Defender - Resiliency Service is vulnerable to file permission modification, improper access control, and others. The vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2026-24049 DESCRIPTION: wheel is a command line tool for manipulating Python wheel files, ...
EUVD-2022-55752
Wondershare MirrorGo 2.0.11.346 contains a local privilege escalation vulnerability due to incorrect file permissions on executable files. Unprivileged local users can replace the ElevationService.exe with a malicious file to execute arbitrary code with LocalSystem privileges...
CVE-2024-27456
An insecure file permission flaw was found in rack-cors. The permissions for .rb files distributed with rack-cors ruby gem are set to 0666 by default, which may allow users with low privileges to edit files. This issue impacts integrity, confidentiality, and availability...
SDM600 代码问题漏洞
ABB SDM600 is a system data manager from ABB Switzerland. A security vulnerability exists in SDM600 versions prior to 1.2.23000.291, which stems from the presence of a file permission validation vulnerability that could be exploited by an attacker to cause arbitrary code execution...
CVE-2022-0486
Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected files and enable escalation of privileges equivalent to the root user. The vulnerability is...
CVE-2020-29503
Dell EMC PowerStore versions prior to 1.0.3.0.5.xxx contain a file permission Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the information disclosure of certain system directory...
CVE-2021-20188
A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the...
CVE-2020-1817
Huawei PCManager with versions earlier than 10.0.1.36 has a privilege escalation vulnerability. Due to improper permission management of specific files, local attackers with low permissions can inject commands to exploit this vulnerability. Successful exploit may cause privilege escalation...
Denial Of Service (DoS)
kernel-rt is vulnerable to denial of service. A flaw was found in the way file permission checks for the /dev/kmsg file were performed in restricted root environments for example, when using a capability-based security model. A local user able to write to this file could cause a denial of service...