Lucene search
+L

7310 matches found

ubuntucve
ubuntucve
added 2020/08/19 1:15 p.m.39 views

CVE-2020-24394

In the Linux kernel before 5.7.8, fs/nfsd/vfs.c in the NFS server can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered...

7.1CVSS6.7AI score0.00361EPSS
Exploits0References7
osv
osv
added 2020/08/13 3:15 a.m.4 views

CVE-2020-8731

Incorrect execution-assigned permissions in the file system for some IntelR Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access...

8.8CVSS7.3AI score0.00348EPSS
Exploits0References2
nessus
nessus
added 2019/12/18 12:0 a.m.31 views

Cisco NX-OS Software Privilege Escalation Vulnerability

According to its self-reported version, Cisco NX-OS Software is affected by following vulnerability - A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to...

7.8CVSS7.4AI score0.00372EPSS
Exploits0References4
osv
osv
added 2019/08/12 4:24 p.m.7 views

OPENSUSE-SU-2019:1849-1 Security update for chromium

This update for chromium to version 76.0.3809.87 fixes the following issues: - CVE-2019-5850: Use-after-free in offline page fetcher boo1143492 - CVE-2019-5860: Use-after-free in PDFium boo1143492 - CVE-2019-5853: Memory corruption in regexp length check boo1143492 - CVE-2019-5851: Use-after-pois...

9.6CVSS6.9AI score0.01076EPSS
Exploits0References19
cloudfoundry
cloudfoundry
added 2019/05/20 12:0 a.m.106 views

USN-3968-1: Sudo vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Description Florian Weimer discovered that Sudo incorrectly handled the noexec restriction when used with certain applications. A local attacker could possibly use this issue to bypass configured restrictions and...

8.2CVSS7.7AI score0.00573EPSS
Exploits0
nvd
nvd
added 2019/03/08 7:29 p.m.22 views

CVE-2019-1602

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker...

7.8CVSS7.4AI score0.00372EPSS
Exploits0References2
prion
prion
added 2019/03/08 7:29 p.m.17 views

Input validation

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker...

7.2CVSS7.3AI score0.00372EPSS
Exploits0References2Affected Software1
osv
osv
added 2019/03/08 7:29 p.m.7 views

CVE-2019-1602

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker...

7.8CVSS7.1AI score0.00372EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2019/03/08 7:0 p.m.12 views

CVE-2019-1602 Cisco NX-OS Software Privilege Escalation Vulnerability

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker...

7.8CVSS6.2AI score0.00372EPSS
Exploits0References2
cvelist
cvelist
added 2019/03/08 7:0 p.m.22 views

CVE-2019-1602 Cisco NX-OS Software Privilege Escalation Vulnerability

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker...

7.8CVSS7.4AI score0.00372EPSS
Exploits0References2
cve
cve
added 2019/03/08 7:0 p.m.71 views

CVE-2019-1602

CVE-2019-1602 affects Cisco NX-OS Software where improper filesystem permissions grant authenticated local attackers the ability to access sensitive data and escalate to administrator privileges. Affected products include Nexus 3000, Nexus 3500, Nexus 3600 platforms, NX-OS on Nexus 9000 Series St...

7.8CVSS7.3AI score0.00372EPSS
Exploits0References2Affected Software1
osv
osv
added 2019/03/08 6:29 p.m.2 views

CVE-2019-1601

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted device. An attacker coul...

7.8CVSS7.1AI score0.00392EPSS
Exploits0References2
prion
prion
added 2019/03/08 6:29 p.m.17 views

Authentication flaw

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted device. An attacker coul...

7.2CVSS7.7AI score0.00392EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2019/03/08 6:29 p.m.18 views

CVE-2019-1601

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted device. An attacker coul...

7.8CVSS7.8AI score0.00392EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2019/03/08 6:0 p.m.11 views

CVE-2019-1601 Cisco NX-OS Software Unauthorized Filesystem Access Vulnerability

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to gain read and write access to a critical configuration file. The vulnerability is due to a failure to impose strict filesystem permissions on the targeted device. An attacker coul...

7.8CVSS6.9AI score0.00392EPSS
Exploits0References2
cve
cve
added 2019/03/08 6:0 p.m.70 views

CVE-2019-1601

Cisco NX-OS Software Unauthorized Filesystem Access (CVE-2019-1601) allows an authenticated, local attacker to read/write a restricted configuration file, enabling bypass of authentication and login as any user. Affected devices include MDS 9000 Series, Nexus 3000/3500/3600, Nexus 2000/5500/5600/...

7.8CVSS7.7AI score0.00392EPSS
Exploits0References2Affected Software1
cisco
cisco
added 2019/03/06 4:0 p.m.111 views

Cisco NX-OS Software Privilege Escalation Vulnerability

A vulnerability in the filesystem permissions of Cisco NX-OS Software could allow an authenticated, local attacker to access sensitive data that could be used to elevate their privileges to administrator. The vulnerability is due to improper implementation of filesystem permissions. An attacker...

7.8CVSS1.5AI score0.00372EPSS
Exploits0References1
nessus
nessus
added 2019/03/05 12:0 a.m.124 views

nginx <= 1.3.13 Insecure Log Permissions

According to its Server response header, the installed version of nginx is prior to or equal to 1.3.13. It is, therefore, affected by a flaw related to creating and handling log files that allows information disclosure due to insecure filesystem permissions. %NASLMINLEVEL 70300 C Tenable Network...

7.5CVSS5.4AI score0.01906EPSS
Exploits1References2
nessus
nessus
added 2018/04/26 12:0 a.m.18 views

Fedora 27 : composer (2018-9d1ff4b802)

Version 1.6.4 - 2018-04-13 - Security fixes in some edge case scenarios, recommended update for all users - Fixed regression in version guessing of path repositories - Fixed removing aliased packages from the repository, which might resolve some odd update bugs - Fixed updating of package URLs fo...

5.5AI score
Exploits0References1
nvd
nvd
added 2018/04/18 8:29 a.m.17 views

CVE-2018-5340

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: database access using a superuser account specifically, an account with permission to write to the filesystem via SQL queries...

7.2CVSS7.2AI score0.05203EPSS
Exploits1References2
Rows per page
Query Builder