21818 matches found
CVE-2025-49642
Library loading on AIX Zabbix Agent builds can be hijacked by local users with write access to the /home/cecuser directory...
EUVD-2025-199982
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver: from...
CVE-2025-6349
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver...
EUVD-2025-199981
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver...
CVE-2025-6349 Mali GPU Kernel Driver allows improper GPU memory processing operations
Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory.This issue affects Valhall GPU Kernel Driver...
kernel: e1000e: fix heap overflow in e1000_set_eeprom
A heap‑overflow vulnerability was discovered in the linux kernel e1000e driver’s e1000seteeprom function, insufficient validation of the requested length for an EEPROM change could allow a local, low‑privilege user to trigger memory corruption heap overflow. A local unprivileged user with access ...
JLSEC-2025-238 Libarchive through 3.6.2 can cause directories to have world-writable permissions
Libarchive through 3.6.2 can cause directories to have world-writable permissions. The umask call inside archivewritediskposix.c changes the umask of the whole process for a very short period of time; a race condition with another thread can lead to a permanent umask 0 setting. Such a race...
CVE-2025-62875
An Improper Check for Unusual or Exceptional Conditions vulnerability in OpenSMTPD allows local users to crash OpenSMTPD. This issue affects openSUSE Tumbleweed: from ? before 7.8.0p0-1.1...
CVE-2025-34333
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 configure the web document root at C:\F2MAdmin\F2E with overly permissive file system permissions. Authenticated local users have modify rights on this directory, while the associated web server process...
CVE-2025-34333 AudioCodes Fax/IVR Appliance <= 2.6.23 World-Writable Webroot LPE
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 configure the web document root at C:\F2MAdmin\F2E with overly permissive file system permissions. Authenticated local users have modify rights on this directory, while the associated web server process...
CVE-2025-34333 AudioCodes Fax/IVR Appliance <= 2.6.23 World-Writable Webroot LPE
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 configure the web document root at C:\F2MAdmin\F2E with overly permissive file system permissions. Authenticated local users have modify rights on this directory, while the associated web server process...
Linux Distros Unpatched Vulnerability : CVE-2025-64996
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mkinotify plugin creates world-readable and writable files, allowing a...
PT-2025-47482
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 configure the web document root at C:F2MAdminF2E with overly permissive file system permissions. Authenticated local users have modify rights on this directory, while the associated web server process runs...
CVE-2025-64996
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mkinotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification ...
CVE-2025-64996
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mkinotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification ...
UBUNTU-CVE-2025-64996
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mkinotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification ...
PT-2025-47328
Name of the Vulnerable Software and Affected Versions Checkmk versions prior to 2.4.0p16 Checkmk versions prior to 2.3.0p41 Checkmk versions 2.2.0 and older Description The mk inotify plugin creates files that are world-readable and writable. This allows any local user on the system to read the...
dotnet: .NET Denial of Service Vulnerability
A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operatio...
dotnet: .NET Denial of Service Vulnerability
A flaw was found in MSBuild’s temporary directory handling on Linux where predictable, non-randomized temporary paths are used. Local users can create or manipulate those paths before MSBuild runs, causing build failures or unexpected behavior and resulting in denial of service for build operatio...
EUVD-2025-74033
An improper access restriction to a folder in Bitdefender Endpoint Security Tools for Mac BEST before 7.20.52.200087 allows local users with administrative privileges to bypass the configured uninstall password protection. An unauthorized user with sudo privileges can manually remove the...