1392 matches found
PT-2026-45860
Name of the Vulnerable Software and Affected Versions Dräger Protector Software versions prior to 6.4.2 Description Insecure file system permissions allow local attackers to execute arbitrary code with elevated privileges. This is achieved by replacing binaries or loaded modules on the host syste...
CVE-2026-49135 CodexBar < 0.32.0 Insecure Temporary File Handling in Notarization Workflow
CodexBar prior to 0.32.0 contains an insecure temporary file handling vulnerability that allows local attackers to access sensitive credentials or tamper with build artifacts by exploiting predictable file paths in the release notarization workflow. Attackers with access to the same host can read...
CVE-2018-25359
Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious...
CVE-2018-25359
CVE-2018-25359 affects Splinterware System Scheduler Pro 5.12. The issue is insecure file permissions enabling low-privilege users to replace the service executable (WService.exe) in the installation directory, causing a malicious binary to run with LocalSystem privileges when the service starts....
CVE-2018-25359 Splinterware System Scheduler Pro 5.12 Privilege Escalation
Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious...
Splinterware System Scheduler Pro 安全漏洞
Splinterware System Scheduler Pro is a task scheduling management software from Splinterware. A security vulnerability exists in Splinterware System Scheduler Pro version 5.12, which stems from insecure file permissions and could allow a low-privileged user to elevate privileges by modifying the...
EUVD-2026-30849
The Piotnet Addons for Elementor Pro plugin for WordPress is vulnerable to arbitrary file upload due to missing file type validation in the 'pafeajaxformbuilder' function in all versions up to, and including, 7.1.70. The plugin uses an incomplete extension blacklist that only blocks php, phpt,...
CVE-2026-45246
Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default filesystem permissions. When the refresh-free path rewrites the configuration file, it creates th...
CVE-2026-45246 Summarize < 0.15.1 Insecure File Permissions Information Disclosure
Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default filesystem permissions. When the refresh-free path rewrites the configuration file, it creates th...
CVE-2026-45246 Summarize < 0.15.1 Insecure File Permissions Information Disclosure
Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default filesystem permissions. When the refresh-free path rewrites the configuration file, it creates th...
CVE-2026-45246 Summarize < 0.15.1 Insecure File Permissions Information Disclosure
Summarize prior to 0.15.1 contains an insecure file permission vulnerability in the refresh-free configuration rewrite path that allows local users to read sensitive credentials by exploiting default filesystem permissions. When the refresh-free path rewrites the configuration file, it creates th...
Summarize 安全漏洞
Summarize is a multi-source rapid summarization tool developed by Peter Steinberger. Versions of Summarize prior to 0.15.1 contain security vulnerabilities. These vulnerabilities stem from insecure file permissions in the configuration rewritepath without refreshing, allowing local users to acces...
EUVD-2018-21853
GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR...
CVE-2018-25332
CVE-2018-25332 - GitBucket 4.23.1 Unauthenticated Remote Code Execution Affected software: GitBucket 4.23.1. Vulnerability: An unauthenticated remote code execution flaw exists due to weak secret token generation and insecure file upload functionality. Adversaries can brute-force the Blowfish enc...
CVE-2018-25332
GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR...
CVE-2018-25332 GitBucket 4.23.1 Unauthenticated Remote Code Execution
GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR...
GitBucket 访问控制错误漏洞
GitBucket is an open-source Git code hosting platform based on Scala. Version 4.23.1 of GitBucket contains a vulnerability related to access control. This vulnerability stems from the generation of weak secret tokens and the insecure file upload feature, which may allow unauthenticated attackers ...
📄 Cisco ISE 2.2 Remote Code Execution
This Metasploit module exploits an unauthorized file upload vulnerability in Cisco ISE. A ZIP file containing a JSP file with a manipulated path path traversal is uploaded. The webshell is then extracted to the webapps folder...
Insecure File Permissions
Claude SDK for TypeScript is vulnerable to insecure file permissions. The vulnerability is due to the BetaLocalFilesystemMemoryTool creating memory files and directories with world-readable and world-writable permissions, where a local attacker on a shared host could read persisted agent state, a...
RHCOS 3 : OpenShift Container Platform 3.11.394 (RHSA-2021:0637)
The remote Red Hat Enterprise Linux CoreOS 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:0637 advisory. - ant: insecure temporary file vulnerability CVE-2020-1945 - jenkins-2-plugins/subversion: XML parser is not preventing XML external...