72 matches found

RedHat Linux
added 2026/05/20 5:7 p.m., 10 views

golang: internal/syscall/unix: Root.Chmod can follow symlinks out of the root

A flaw was found in the internal/syscall/unix package in the Go standard library. If the target of the Root.Chmod function is replaced with a symbolic link during execution, specifically after Root.Chmod checks the target but before acting, the chmod operation will be performed on the file the...

CVSS 6.4, AI score 7.2, EPSS 0.00292
Exploits: 0, References: 8

RedhatCVE
added 2026/04/29 10:8 a.m., 7 views

CVE-2026-35341

A flaw was found in uutils coreutils mkfifo. This vulnerability allows a local user to inadvertently change the permissions of an existing file when attempting to create a named pipe (FIFO) at the same location. The mkfifo utility, instead of failing, proceeds to set the existing file's permissions...

CVSS 7.1, AI score 5.2, EPSS 0.00165
Exploits: 1, References: 2

ATTACKERKB
added 2026/04/22 4:7 p.m., 3 views

CVE-2026-35341

A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target path, it fails to terminate the operation for that path and continues to execute a follow-up...

CVSS 7.1, AI score 5.9, EPSS 0.00165
Exploits: 1, References: 2

Vulnrichment
added 2026/04/22 4:7 p.m., 4 views

CVE-2026-35341 uutils coreutils mkfifo Unauthorized Permission Change on Existing Files

A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target path, it fails to terminate the operation for that path and continues to execute a follow-up...

CVSS 7.1, AI score 5.9, EPSS 0.00165
Exploits: 1, References: 1

Positive Technologies
added 2026/04/22 12:0 a.m., 6 views

PT-2026-34477

A vulnerability in uutils coreutils mkfifo allows for the unauthorized modification of permissions on existing files. When mkfifo fails to create a FIFO because a file already exists at the target path, it fails to terminate the operation for that path and continues to execute a follow-up set...

CVSS 7.1, AI score 5.9, EPSS 0.00165
Exploits: 1, References: 2

NVD
added 2026/04/16 1:16 a.m., 4 views

CVE-2026-40502

OpenHarness prior to commit dd1d235 contains a command injection vulnerability that allows remote gateway users with chat access to invoke sensitive administrative commands by exploiting insufficient distinction between local-only and remote-safe commands in the gateway handler. Attackers can...

CVSS 8.8, EPSS 0.01687
Exploits: 1, References: 3

Snyk
added 2026/04/14 11:39 p.m., 5 views

Insufficient Session Expiration

Overview: pyload-ng is the free and open-source download manager written in pure Python. Affected versions of this package are vulnerable to Insufficient Session Expiration due to improper session management when user permissions are changed. An attacker can retain unauthorized access to resource...

CVSS 6.3, AI score 5.8
Exploits: 0, References: 2

NVD
added 2026/03/23 7:16 p.m., 8 views

CVE-2026-33649

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the plugin/Permissions/setPermission.json.php endpoint accepts GET parameters for a state-changing operation that modifies user group permissions. The endpoint has no CSRF token validation, and the application...

CVSS 8.8, EPSS 0.00172
Exploits: 1, References: 1

OSV
added 2026/03/20 8:16 a.m., 4 views

DEBIAN-CVE-2026-33056

tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpackdir function uses fs::metadata to check whether a path that already exists is a directory. Because fs::metadata follows symbolic links, a crafted tarball...

CVSS 6.5, AI score 5.5, EPSS 0.00379
Exploits: 1, References: 1

AlpineLinux
added 2026/01/22 4:2 a.m., 2 views

CVE-2026-24049

wheel is a command line tool for manipulating Python wheel files, as defined in PEP 427. In versions 0.40.0 through 0.46.1, the unpack function is vulnerable to file permission modification through mishandling of file permissions after extraction. The logic blindly trusts the filename from the...

CVSS 7.1, AI score 6.5, EPSS 0.00311
Exploits: 2, References: 48

RedhatCVE
added 2026/01/07 9:39 a.m., 8 views

CVE-1999-0473

The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred...

CVSS 2.1, AI score 7, EPSS 0.00323
Exploits: 0, References: 1

EUVD
added 2025/12/08 3:30 p.m., 3 views

EUVD-2025-26353

TOCTOU in linenoiseHistorySave in linenoise allows local attackers to overwrite arbitrary files and change permissions via a symlink race between fopen("w") on the history path and subsequent chmod on the same path...

CVSS 6.8, AI score 5.8, EPSS 0.00099
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2007-1224

Malware in sbrugna...

CVSS 6.6, AI score 6.4, EPSS 0.00758
Exploits: 1, References: 10

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2000-0851

Malware in sbrugna...

CVSS 6.2, AI score 6.4, EPSS 0.00694
Exploits: 1, References: 11

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2014-2395

Malware in sbrugna...

CVSS 6.8, AI score 6.4, EPSS 0.00574
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2019-18950

Malware in sbrugna...

CVSS 8.1, AI score 7.2, EPSS 0.00504
Exploits: 0, References: 3

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2023-54460

Malicious code in bioql PyPI...

CVSS 8.8, AI score 8.7, EPSS 0.00427
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2022-34393

Malicious code in bioql PyPI...

CVSS 9.4, AI score 9.2, EPSS 0.01004
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2023-29722

Malicious code in bioql PyPI...

CVSS 5.4, AI score 5.8, EPSS 0.00323
Exploits: 0, References: 2

RedhatCVE
added 2025/06/26 10:54 p.m., 4 views

CVE-2025-52555

A vulnerability in Ceph was discovered whereby an unprivileged user could change the permissions of a directory owned by the root user, gaining access to the targeted directory. The non-privileged user can escalate privileges to root in a CephFS mounted with ceph-fuse by applying chmod 777 read,...

CVSS 6.5, AI score 7, EPSS 0.00166
Exploits: 0, References: 5