
21818 matches found

CNNVD
added 2026/03/27 12:0 a.m. | 6 views

firewalld security vulnerability

Firewalld is an open-source firewall software developed by Firewalld projects. There are security vulnerabilities in Firewalld, which stem from improper authorization. These vulnerabilities may allow local users to modify the firewall settings without proper authorization...

CVSS 5.5 | AI score 5.8 | EPSS 0.00118
Exploits 0 | References 2

Positive Technologies
added 2026/03/27 12:0 a.m. | 5 views

PT-2026-28268

Insertion of Sensitive Information into Log File vulnerability in the SCIM Driver module in OpenText IDM Driver and Extensions on Windows, Linux, 64 bit allows authenticated local users to obtain sensitive information via access to log files. This issue affects IDM SCIM Driver: 1.0.0.0000 through...

CVSS 7.3 | AI score 5.9 | EPSS 0.00109
Exploits 0 | References 3

CNNVD
added 2026/03/27 12:0 a.m. | 6 views

OpenText IDM Driver and Extensions log information disclosure vulnerability

OpenText IDM Drivers and Extensions are a set of drivers and components provided by OpenText Corporation in Canada, offering capabilities for identity system integration and feature expansion. OpenText IDM Drivers and Extensions contain a vulnerability related to log information leakage, which...

CVSS 7.3 | AI score 5.8 | EPSS 0.00109
Exploits 0 | References 2

RedhatCVE
added 2026/03/26 7:27 p.m. | 4 views

CVE-2026-3113

A flaw was found in Mattermost. The system fails to properly set file permissions on downloaded bulk exports. This vulnerability allows other local users on the server to read the sensitive contents of these bulk export files, leading to unauthorized information disclosure...

CVSS 5 | AI score 5.8 | EPSS 0.00127
Exploits 0 | References 2

EUVD
added 2026/03/26 6:31 p.m. | 4 views

EUVD-2026-16240

Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to set permissions on downloaded bulk export which allows other local users on the server to be able to read contents of the bulk export. Mattermost Advisory ID: MMSA-2026-00593...

CVSS 5 | AI score 5.8 | EPSS 0.00127
Exploits 0 | References 2

OSV
added 2026/03/26 6:31 p.m. | 5 views

GHSA-4765-V66X-RQX7 Mattermost doesn't set permissions on downloaded bulk export

Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to set permissions on downloaded bulk export which allows other local users on the server to be able to read contents of the bulk export. Mattermost Advisory ID: MMSA-2026-00593...

CVSS 5 | AI score 5.8 | EPSS 0.00127
Exploits 0 | References 3

Github Security Blog
added 2026/03/26 6:31 p.m. | 5 views

Mattermost doesn't set permissions on downloaded bulk export

Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to set permissions on downloaded bulk export which allows other local users on the server to be able to read contents of the bulk export. Mattermost Advisory ID: MMSA-2026-00593...

CVSS 5.5 | AI score 5.8 | EPSS 0.00127
Exploits 0 | References 3 | Affected Software 1

NVD
added 2026/03/26 5:16 p.m. | 3 views

CVE-2026-3113

Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to set permissions on downloaded bulk export which allows other local users on the server to be able to read contents of the bulk export. Mattermost Advisory ID: MMSA-2026-00593...

CVSS 5.5 | EPSS 0.00127
Exploits 0 | References 1

Cvelist
added 2026/03/26 4:18 p.m. | 19 views

CVE-2026-3113 mmctl export download command doesn’t restrict permissions to created file to file owner

Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to set permissions on downloaded bulk export which allows other local users on the server to be able to read contents of the bulk export. Mattermost Advisory ID: MMSA-2026-00593...

CVSS 5 | EPSS 0.00127
Exploits 0 | References 1

Vulnrichment
added 2026/03/26 4:18 p.m. | 1 views

CVE-2026-3113 mmctl export download command doesn’t restrict permissions to created file to file owner

Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to set permissions on downloaded bulk export which allows other local users on the server to be able to read contents of the bulk export. Mattermost Advisory ID: MMSA-2026-00593...

CVSS 5 | AI score 5.8 | EPSS 0.00127
Exploits 0 | References 1

ATTACKERKB
added 2026/03/26 4:18 p.m. | 2 views

CVE-2026-3113

Mattermost versions 11.4.x <= 11.4.0, 11.3.x <= 11.3.1, 11.2.x <= 11.2.3, 10.11.x <= 10.11.11 fail to set permissions on downloaded bulk export which allows other local users on the server to be able to read contents of the bulk export. Mattermost Advisory ID: MMSA-2026-00593...

CVSS 5 | AI score 5.8 | EPSS 0.00127
Exploits 0 | References 2 | Affected Software 1

RedhatCVE
added 2026/03/26 3:13 p.m. | 3 views

CVE-2025-36051

IBM QRadar SIEM 7.5.0 through 7.5.0 Update Package 14 stores potentially sensitive information in configuration files that could be read by a local user...

CVSS 6.2 | AI score 5.8 | EPSS 0.00101
Exploits 0 | References 1

RedhatCVE
added 2026/03/26 3:10 p.m. | 2 views

CVE-2026-32810

Halloy is an IRC application written in Rust. In versions on *nix and macOS prior to commit f180e41061db393acf65bc99f5c5e7397586d9cb, halloy creates its config directory and files using default umask permissions, which typically results in 0644 on files and 0755 on directories. This allows any...

CVSS 5.5 | AI score 5.8 | EPSS 0.00175
Exploits 1 | References 1

RedhatCVE
added 2026/03/26 2:56 p.m. | 3 views

CVE-2019-25483

Comtrend AR-5310 GE31-412SSG-C01R10.A2pG039u.d24k contains a restricted shell escape vulnerability that allows local users to bypass command restrictions by using the command substitution operator $ . Attackers can inject arbitrary commands through the $ syntax when passed as arguments to allowed...

CVSS 8.6 | AI score 6 | EPSS 0.00128
Exploits 0 | References 1

EUVD
added 2026/03/26 12:30 a.m. | 4 views

EUVD-2025-209040

IBM Knowledge Catalog Standard Cartridge 5.0.0, 5.0.1, 5.0.2, 5.0.3, 5.1, 5.1.1, 5.1.2, 5.1.3, 5.2.0, 5.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

CVSS 4.4 | AI score 5.8 | EPSS 0.00153
Exploits 0 | References 2

Positive Technologies
added 2026/03/26 12:0 a.m. | 10 views

PT-2026-28422

Name of the Vulnerable Software and Affected Versions: Mattermost versions 10.11.x through 10.11.11; Mattermost versions 11.2.x through 11.2.3; Mattermost versions 11.3.x through 11.3.1; Mattermost versions 11.4.x through 11.4.0. Description: The software fails to properly set permissions on downloaded...

CVSS 5.5 | AI score 5.9 | EPSS 0.00127
Exploits 0 | References 7

CNNVD
added 2026/03/26 12:0 a.m. | 4 views

Mattermost security vulnerability

Mattermost is an open-source collaboration platform developed by the American company Mattermost. There is a security vulnerability in Mattermost, which stems from the lack of permission settings for downloaded batch export files, potentially allowing other local users to read their contents. The...

CVSS 5.5 | AI score 5.8 | EPSS 0.00127
Exploits 0 | References 1

EUVD
added 2026/03/25 9:30 p.m. | 5 views

EUVD-2025-209008

IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that could be obtained by a local user...

CVSS 6.2 | AI score 5.8 | EPSS 0.00093
Exploits 0 | References 2

CVE
added 2026/03/25 8:34 p.m. | 18 views

CVE-2025-36440

CVE-2025-36440 affects IBM Concert versions 1.0.0 through 2.2.0. The vulnerability arises from missing function-level access control, enabling a local user to obtain sensitive information. The NVD entry and CVE records corroborate the vendor-reported impact and scope. The provided metrics indicat...

CVSS 5.5 | AI score 5.8 | EPSS 0.00147
Exploits 0 | References 1 | Affected Software 1

NVD
added 2026/03/25 8:16 p.m. | 2 views

CVE-2025-12708

IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that could be obtained by a local user...

CVSS 6.2 | EPSS 0.00093
Exploits 0 | References 1