14 matches found
EUVD-2008-3343
Malware in sbrugna...
EUVD-2020-21871
Malware in sbrugna...
EUVD-2021-7500
Malicious code in bioql PyPI...
CVE-2025-20119
A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could cause a DoS condition. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is du...
CVE-2023-34042
A flaw was found in the Spring-security-config jar file. The spring-security.xsd file inside the spring-security-config jar is world-writable, which means that if it were extracted, it could be written by anyone with access to the file system. Mitigation Mitigation for this issue is either not...
CVE-2020-36611 File and Directory Permission Vulnerability in Hitachi Tuning Manager
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components allows local users to read and write specific...
File Permission Vulnerability in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center
Overview A file permission vulnerability was found in Hitachi Automation Director, Hitachi Infrastructure Analytics Advisor and Hitachi Ops Center. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for...
ownCloud 10.0.9 < 10.3.1 File Permission Vulnerability
ownCloud is prone to a vulnerability where it is possible to access all file versions of a user. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-onl...
[SECURITY] [DLA 1826-1] glib2.0 security update
Package : glib2.0 Version : 2.42.1-1+deb8u1 CVE ID : CVE-2019-12450 Debian Bug : 929753 It was discovered that GLib does not properly restrict some file permissions while a copy operation is in progress; instead, default permissions are used. For Debian 8 "Jessie", this problem has been fixed in...
AIX 6.1 TL 1 : swcons (IZ28943)
A file permission/ownership vulnerability exists in the 'bos.rte.console' fileset command listed below whereby a local attacker may create arbitrary contents within a file owned by root using the 'swcons' command. The local attacker must be a member of the 'system' group gid=0 to execute this...
AIX 6.1 TL 0 : swcons (IZ18341)
A file permission/ownership vulnerability exists in the 'bos.rte.console' fileset command listed below whereby a local attacker may create arbitrary contents within a file owned by root using the 'swcons' command. The local attacker must be a member of the 'system' group gid=0 to execute this...
AIX 5.3 TL 8 : swcons (IZ18334)
A file permission/ownership vulnerability exists in the 'bos.rte.console' fileset command listed below whereby a local attacker may create arbitrary contents within a file owned by root using the 'swcons' command. The local attacker must be a member of the 'system' group gid=0 to execute this...
CVE-2003-0644
Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands...
HP-UX 10.20 resource monitor service
Problem: on HP-UX 10.20 you can change any file on the root partition to mode 644: $ uname -sr HP-UX B.10.20 $ cd /etc/opt/resmon/log $ mv registrar.log registrar.log.orig $ ls -l /.shhistory -rw------- 1 root sys 3316 Sep 20 15:22 /.shhistory $ ln /.shhistory registrar.log $ nc hpux.example.com...