Lucene search
K

478 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:18 a.m.5 views

CVE-2024-29962

Brocade SANnav OVA before v2.3.1 and v2.3.0a have an insecure file permission setting that makes files world-readable. This could allow a local user without the required privileges to access sensitive information or a Java binary...

5.5CVSS6.4AI score0.00183EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:20 a.m.5 views

CVE-2023-21409

Due to insufficient file permissions, unprivileged users could gain access to unencrypted administrator credentials allowing the configuration of the application...

9.8CVSS7AI score0.00564EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:53 a.m.7 views

CVE-2023-20044

A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by persuading support to update settings which call the insecure script. A...

7.3CVSS6.7AI score0.00143EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:38 a.m.8 views

CVE-2023-28870

Insecure File Permissions in Support Assistant in NCP Secure Enterprise Client before 12.22 allow attackers to write to configuration files from low-privileged user accounts...

6.5CVSS6.9AI score0.00701EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:43 a.m.5 views

CVE-2023-20043

A vulnerability in Cisco CX Cloud Agent of could allow an authenticated, local attacker to elevate their privileges. This vulnerability is due to insecure file permissions. An attacker could exploit this vulnerability by calling the script with sudo. A successful exploit could allow the attacker ...

6.7CVSS6.7AI score0.0021EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:5 p.m.8 views

CVE-2021-42711

Barracuda Network Access Client before 5.2.2 creates a Temporary File in a Directory with Insecure Permissions. This file is executed with SYSTEM privileges when an unprivileged user performs a repair operation...

7.8CVSS6.9AI score0.00259EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:52 p.m.8 views

CVE-2020-8634

Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and world-writable permissions. If a sensitive system file were edited this way, a low-privilege user may...

7.8CVSS7AI score0.00426EPSS
Exploits5References1
Cvelist
Cvelist
added 2025/05/22 4:49 p.m.12 views

CVE-2025-43596 MSP360 Backup (for Windows) insecure filesystem permissions

An insecure file system permissions vulnerability in MSP360 Backup 8.0 allows a low privileged user to execute commands with SYSTEM level privileges using a specially crafted file with an arbitrary file backup target. Upgrade to MSP360 Backup 8.1.1.19 released on 2025-05-15...

8.5CVSS0.00353EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/22 8:52 a.m.10 views

CVE-2019-8071

Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation...

9.8CVSS6.8AI score0.03311EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.7 views

PT-2025-18716 · Msp360 · Msp360 Backup

Name of the Vulnerable Software and Affected Versions: MSP360 Backup version 4.3.1.115 Description: An insecure file system permissions vulnerability in MSP360 Backup allows a low privileged user to execute commands with root privileges in the 'Online Backup' folder. Recommendations: Upgrade to...

8.5CVSS6.8AI score0.00363EPSS
Exploits0References12
RedhatCVE
RedhatCVE
added 2025/04/10 8:23 a.m.21 views

CVE-2025-31332

Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this...

6.6CVSS6.6AI score0.00144EPSS
Exploits0References1
OSV
OSV
added 2025/04/08 8:15 a.m.3 views

CVE-2025-31332

Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this...

7.1CVSS5.8AI score0.00144EPSS
Exploits0References2
CVE
CVE
added 2025/04/08 7:15 a.m.65 views

CVE-2025-31332

CVE-2025-31332 concerns insecure file permissions in SAP BusinessObjects Business Intelligence Platform. A local attacker could modify files, potentially disrupting operations or causing service downtime, leading to high impact on integrity and availability . The vulnerability does not disclose s...

7.1CVSS6.8AI score0.00144EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/04/08 7:15 a.m.31 views

CVE-2025-31332 Insecure File permissions vulnerability in SAP BusinessObjects Business Intelligence Platform

Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability. However, this...

6.6CVSS0.00144EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/04/08 12:0 a.m.8 views

SAP BusinessObjects Business Intelligence Platform 安全漏洞

SAP BusinessObjects Business Intelligence Platform is a complete business analytics platform from SAP. The platform combines market-leading SAP data integration products, data management products, and business intelligence BI products to eliminate system integration challenges and quickly and...

7.1CVSS6.2AI score0.00144EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/02/05 12:3 p.m.12 views

CVE-2024-7358

A vulnerability was found in Point B Ltd Getscreen Agent 2.19.6 on Windows. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file getscreen.msi of the component Installation. The manipulation leads to creation of temporary file with insecure...

8.5CVSS6.7AI score0.00228EPSS
Exploits0References1
Veracode
Veracode
added 2025/02/03 5:18 a.m.14 views

Credentials Exposure

net.snowflake, snowflake-jdbc is vulnerable to credentials exposure. The vulnerability is due to insecure file permissions, where the Snowflake JDBC Driver caches temporary credentials in a world-readable file, allowing unauthorized users or attackers to access sensitive information...

5.5CVSS4.5AI score0.00188EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/10/21 12:0 a.m.17 views

Adobe Creative Cloud < 5.2 Multiple Vulnerabilities (APSB20-33)

The version of Adobe Creative Cloud installed on the remote Windows host is prior to 5.2. It is, therefore, affected by multiple vulnerabilities as referenced in the APSB20-33 advisory. - Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulnerability...

10CVSS7.7AI score0.04306EPSS
Exploits0References5
CVE
CVE
added 2024/09/03 12:0 a.m.44 views

CVE-2024-38456

CVE-2024-38456 describes an insecure file and folder permissions vulnerability in prunsrv.exe affecting HIGH-LEIT runtimes (V05.08.01.03 and V04.25.00.00 to 4.25.01.01) for Windows from Vivavis. The issue allows a non-admin user to exploit weak permissions to escalate to NT AUTHORITY\SYSTEM and e...

7.8CVSS7.9AI score0.00243EPSS
Exploits0References4
OSV
OSV
added 2024/05/27 4:15 p.m.29 views

UBUNTU-CVE-2024-32978

Kaminari is a paginator for web app frameworks and object relational mappings. A security vulnerability involving insecure file permissions has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This vulnerability is of moderate severity du...

6.6CVSS5.7AI score0.00595EPSS
Exploits0References3
Rows per page
Query Builder