386 matches found
Incorrect Default Permissions
Overview org.apache.activemq:activemq-all is a package that puts together an ActiveMQ jar bundle. Affected versions of this package are vulnerable to Incorrect Default Permissions due to the default authorization settings in Jolokia. An attacker can perform unauthorized broker management...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to insecure default permissions that grant regular users elevated privileges. An attacker can gain unauthorized access to host files and execute code with root-level privileges by leveraging authenticat...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to insecure default permissions that grant regular users elevated privileges. An attacker can gain unauthorized access to host files and execute code with root-level privileges by leveraging authenticat...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to insecure default permissions that grant regular users elevated privileges. An attacker can gain unauthorized access to host files and execute code with root-level privileges by leveraging authenticat...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions due to insecure default permissions that grant regular users elevated privileges. An attacker can gain unauthorized access to host files and execute code with root-level privileges by leveraging authenticat...
CVE-2026-44469
The CVE-2026-44469 entry concerns CODESYS Development System. During administrative installation, installation files are extracted to a temporary directory with incorrect default permissions. A low-privileged local attacker could exploit a TOCTOU race condition within a practical time window to r...
CVE-2026-44468 Incorrect Default Permissions in CODESYS Development System
The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary...
AMD Chipset 安全漏洞
The AMD Chipset is a series of chips developed by American semiconductor company AMD. The AMD Chipset contains security vulnerabilities, which stem from incorrect default permissions. These vulnerabilities could allow attackers to gain elevated privileges and execute arbitrary code...
CVE-2026-21015
Incorrect default permissions in FactoryCamera prior to SMR May-2026 Release 1 allows local attacker to access unique identifier...
CVE-2026-0539
Summary: CVE-2026-0539 describes a local privilege escalation in the pcvisit Windows service. The issue arises from incorrect default permissions on the pcvisit service binary, allowing a low-privileged local attacker to replace the binary with arbitrary contents. The service binary runs with SYS...
CVE-2026-25203
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability This issue affects MagicINFO 9 Server: less than 21.1091.1...
EUVD-2026-21252
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability This issue affects MagicINFO 9 Server: less than 21.1091.1...
CVE-2026-25203
Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability This issue affects MagicINFO 9 Server: less than 21.1091.1...
Incorrect Default Permissions
Amendment This was deemed not a vulnerability. Overview ansible is a simple IT automation system. Affected versions of this package are vulnerable to Incorrect Default Permissions via excessive group-writable permissions on the /etc/passwd file during the build process. An attacker can gain full...
Security Bulletin: EDB PGAI Databases is affected by Multiple Vulnerabilities.
Summary Multiple Vulnerabilities found in EDB PGAI Databases 18.0. It has been addressed in 18.2. Hence, IBM strongly recommends upgrading to 18.2. Vulnerability Details CVEID:CVE-2021-25317 DESCRIPTION: A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterpri...
BIT-DOTNET-2026-26131 .NET Elevation of Privilege Vulnerability
Incorrect default permissions in .NET allows an authorized attacker to elevate privileges locally...
CVE-2025-7024 Local privilege escalation in Windows Server OS through installed Tetra Connectivity Server (TCS)
Incorrect Default Permissions vulnerability in AIRBUS PSS TETRA Connectivity Server on Windows Server OS allows Privilege Abuse. An attacker may execute arbitrary code with SYSTEM privileges if a user is tricked or directed to place a crafted file into the vulnerable directory. This issue affects...
Exploit for Incorrect Default Permissions in Amazon Amplify_Cli
skycenter Attack Chain Security Analysis Engine for AWS, Azure...
EUVD-2026-10487
Incorrect Default Permissions, : Execution with Unnecessary Privileges, : Incorrect Permission Assignment for Critical Resource vulnerability in ASSA ABLOY Visionline on Windows allows Configuration/Environment Manipulation.This issue affects Visionline: from 1.0 before 1.33...
Incorrect Default Permissions
Overview Affected versions of this package are vulnerable to Incorrect Default Permissions. An attacker can gain elevated privileges by exploiting these permissions locally. Remediation Upgrade Microsoft.NETCore.App.Runtime.linux-musl-arm to version 10.0.4 or higher. References - Vulnerability...