478 matches found
CVE-2024-29962
Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary...
CVE-2023-21409
Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application...
CVE-2023-20044
A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by persuading support to update settings which call the insecure script. A...
CVE-2023-28870
Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts...
CVE-2023-20043
A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by calling the script with sudo. A successful exploit could allow the attacker ...
CVE-2021-42711
Barracuda Network Access Client before 5.2.2 creates a Temporary File in a Directory with Insecure Permissions. This file is executed with SYSTEM privileges when an unprivileged user performs a repair operation...
CVE-2020-8634
Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and world-writable permissions. If a sensitive system file were edited this way, a low-privilege user may...
CVE-2025-43596 MSP360 Backup (for Windows) insecure filesystem permissions
An insecure file system permissions vulnerability in MSP360 Backup 8.0 allows a low privileged user to execute commands with SYSTEM level privileges using a specially crafted file with an arbitrary file backup target. Upgrade to MSP360 Backup 8.1.1.19 released on 2025-05-15...
CVE-2019-8071
Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation...
PT-2025-18716 · Msp360 · Msp360 Backup
Name of the Vulnerable Software and Affected Versions: MSP360 Backup version 4.3.1.115 Description: An insecure file system permissions vulnerability in MSP360 Backup allows a low privileged user to execute commands with root privileges in the 'Online Backup' folder. Recommendations: Upgrade to...
CVE-2025-31332
Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this...
CVE-2025-31332
Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this...
CVE-2025-31332
CVE-2025-31332 concerns insecure file permissions in SAP BusinessObjects Business Intelligence Platform. A local attacker could modify files, potentially disrupting operations or causing service downtime, leading to high impact on integrity and availability . The vulnerability does not disclose s...
CVE-2025-31332 Insecure File permissions vulnerability in SAP BusinessObjects Business Intelligence Platform
Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this...
SAP BusinessObjects Business Intelligence Platform 安全漏洞
SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...
CVE-2024-7358
A vulnerability was found in Point B Ltd Getscreen Agent 2.19.6 on Windows. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file getscreen.msi of the component Installation. The manipulation leads to creation of temporary file with insecure...
Credentials Exposure
net.snowflake, snowflake-jdbc is vulnerable to credentials exposure. The vulnerability is due to insecure file permissions, where the Snowflake JDBC Driver caches temporary credentials in a world-readable file, allowing unauthorized users or attackers to access sensitive information...
Adobe Creative Cloud < 5.2 Multiple Vulnerabilities (APSB20-33)
The version of Adobe Creative Cloud installed on the remote Windows host is prior to 5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-33 advisory. - Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability...
CVE-2024-38456
CVE-2024-38456 describes an insecure file and folder permissions vulnerability in prunsrv.exe affecting HIGH-LEIT runtimes (V05.08.01.03 and V04.25.00.00 to 4.25.01.01) for Windows from Vivavis. The issue allows a non-admin user to exploit weak permissions to escalate to NT AUTHORITY\SYSTEM and e...
UBUNTU-CVE-2024-32978
Kaminari is a paginator for web app frameworks and object relational mappings. A security vulnerability involving insecure file permissions has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This vulnerability is of moderate severity du...