CVE-2026-6970 authd Denial of Service and Local Privilege Escalation

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID GID differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

Incorrect Ownership Assignment

Overview Affected versions of this package are vulnerable to Incorrect Ownership Assignment through improper validation of the defaultGroup ID after group access revocation. An attacker can gain unauthorized access to group collections and perform full CRUD operations by omitting the X-Tenant...

EUVD-2019-3175

Malware in sbrugna...

EUVD-2017-9412

Malware in sbrugna...

EUVD-2013-1130

Malware in sbrugna...

CVE-2024-45426

Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access...

CVE-2024-45426

CVE-2024-45426 : Affected product is Zoom Workplace Apps. The root cause is an incorrect ownership assignment that can permit a privileged user to disclose information over the network. Reported impact is solely on confidentiality (high), with no integrity/availability effects per the sources. Th...

CVE-2024-45426 Zoom Workplace Apps - Incorrect Ownership Assignment

Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access...

CVE-2014-8421

Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of 1 ConfigureCoreFile.sh, 2 Traceroute.sh, 3 apps.sh, 4 conversionjava2native.sh, 5 coreCompression.sh, 6...

CVE-2014-8421

Unify former Siemens OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of 1 ConfigureCoreFile.sh, 2 Traceroute.sh, 3 apps.sh, 4 conversionjava2native.sh, 5 coreCompression.sh, 6...

Solarwinds LEM Privilege Escalation via Controlled Sudo Path

Vulnerability Details Affected Vendor: Solarwinds Affected Product: Log and Event Manager Virtual Appliance Affected Version: v6.3.1 Platform: Embedded Linux CWE Classification: CWE-281: Improper Preservation of Permissions, CWE-708: Incorrect Ownership Assignment Impact: Privileged Access...

CVE-2017-5468

An issue with incorrect ownership model of "privateBrowsing" information exposed through developer tools. This can result in a non-exploitable crash when manually triggered during debugging. This vulnerability affects Firefox 53...

CVE-2013-1090

The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors...

CVE-2013-1090

The SUSE horde5 package before 5.0.2-2.4.1 sets incorrect ownership for certain configuration files and directories including /etc/apache2/vhosts.d, which allows local wwwrun users to gain privileges via unspecified vectors...

CVE-2012-3317

IBM WebSphere Message Broker 6.1 before 6.1.0.11, 7.0 before 7.0.0.5, and 8.0 before 8.0.0.2 has incorrect ownership of certain uninstaller Java Runtime Environment JRE files, which might allow local users to gain privileges by leveraging access to uid 501 or gid 300...

CVE-2007-5101

ChironFS before 1.0 RC7 sets user/group ownership to the mounter account instead of the creator account when files are created, which allows local users to gain privileges...

Buffer overflow

Zend Platform 2.2.3 and earlier has incorrect ownership for scd.sh and certain other files, which allows local users to gain root privileges by modifying the files. NOTE: this only occurs when safemode and openbasedir are disabled; other settings require leverage for other vulnerabilities...

CVE-2007-1370

CVE-2007-1370 affects Zend Platform 2.2.3 and earlier, where incorrect file ownership (notably for scd.sh and related files) permits local users to gain root privileges by modifying those files. The issue occurs when safe_mode and open_basedir are disabled; other configurations may require differ...

CVE-2005-3148

StoreBackup before 1.19 does not properly set the uid and guid for symbolic links 1 that are backed up by storeBackup.pl, or 2 recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership...

CVE-2005-3148

StoreBackup before 1.19 does not properly set the uid and guid for symbolic links 1 that are backed up by storeBackup.pl, or 2 recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership...