39 matches found
PT-2026-35345
An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration file containing the hashed password of the administrative account. Successful exploitation of this...
Incorrect Ownership Assignment
Overview: Affected versions of this package are vulnerable to Incorrect Ownership Assignment in the secrets management process. An attacker can gain unauthorized access to sensitive information by exploiting a race condition between the generation of a secret ID and the creation of the secret's...
CVE-2025-14740
Docker Desktop for Windows contains multiple incorrect permission assignment vulnerabilities in the installer's handling of the C:\ProgramData\DockerDesktop directory. The installer creates this directory without proper ownership verification, creating two exploitation scenarios: Scenario 1...
CVE-2025-14740
Docker Desktop for Windows contains permission-assignment vulnerabilities in the installer for C:\ProgramData\DockerDesktop. The issue arises when the installer creates the directory without proper ownership verification, allowing a local attacker to exploit two scenarios: (1) Persistent Attack —...
CVE-2025-68492
Chainlit versions prior to 2.8.5 contain an authorization bypass through user-controlled key vulnerability. If this vulnerability is exploited, threads may be viewed or thread ownership may be obtained by an attacker who can log in to the product...
EUVD-2019-4056
Malware in sbrugna...
EUVD-2000-0694
Malware in sbrugna...
EUVD-2018-11505
Malware in sbrugna...
EUVD-2022-4474
Malicious code in bioql PyPI...
GitLab 17.10 < 18.2.7 / 18.3 < 18.3.3 / 18.4 < 18.4.1 (CVE-2025-5069)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Incorrect Ownership Assignment in GitLab (CVE-2025-5069). Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
PT-2025-34869
Name of the Vulnerable Software and Affected Versions: Dell ThinOS versions prior to 2508 10.0127 Description: Dell ThinOS 10 contains an Unverified Ownership issue. A local low-privileged attacker could potentially exploit this issue leading to Unauthorized Access. Recommendations: Update Dell...
CVE-2025-52993
A race condition in the Nix, Lix, and Guix package managers enables changing the ownership of arbitrary files to the UID and GID of the build user (e.g., nixbld or guixbuild). This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before...
CVE-2022-28152
A cross-site request forgery (CSRF) vulnerability in Jenkins Job and Node ownership Plugin 0.13.0 and earlier allows attackers to restore the default ownership of a job...
Improper Authorization
Apache Superset is vulnerable to Improper Authorization. The vulnerability is due to insufficient permission checks that allow authenticated users with read access to take ownership of dashboards, charts, or datasets...
Improper Ownership Management
Overview: Affected versions of this package are vulnerable to Improper Ownership Management for projects, whose namespace defaults to being the project name, regardless of cluster. A user with permission to create a project can escalate privileges to those of a user who owns a project by the same...
[SECURITY] [DLA 3963-1] ansible security update
Debian LTS Advisory DLA-3963-1 https://www.debian.org/lts/security/ Bastien Roucariès November 23, 2024 https://wiki.debian.org/LTS -...
CVE-2024-38446
NATO NCI ANET 3.4.1 mishandles report ownership. A user can create a report and, despite the restrictions imposed by the UI, change the author of that report to an arbitrary user without their consent or knowledge via a modified UUID in a POST request...
RHEL 5 : vim (Unpatched Vulnerability)
The remote Red Hat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - vim: Integer overflow at an unserialize_uep memory allocation site (CVE-2017-6350) - vim before patch 8.0.00...
CVE-2022-22189
An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration (CSO) allows a locally authenticated user to have their permissions elevated without authentication, thereby taking control of the local system they are currently authenticated to. This issue affects:...
Juniper Networks Contrail Service Orchestration Security Vulnerability
Juniper Networks Contrail Service Orchestration is a powerful software platform from Juniper Networks, Inc. for connecting many enterprise and multi-tenant service provider solutions. A security vulnerability exists in Juniper Networks Contrail Service Orchestration (CSO) versions prior to 6.0.0 th...