EUVD-2026-34761

Inappropriate implementation in Permissions in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

CVE-2026-11253

CVE-2026-11253 affects Google Chrome prior to 149.0.7827.53. Insecure Permissions handling allowed a remote attacker to leak cross-origin data via a crafted HTML page. CVSS 3.1: 4.3 (Medium); network attack vector, low complexity, no privileges, user interaction required. No exploitation details ...

TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial of service via incorrect permissions

A flaw was found in TigerVNC's x0vncserver component. Due to incorrect permissions in the Image.cxx file, other users on the system can observe or manipulate the screen contents of a running session. This vulnerability could also lead to an application crash, resulting in a Denial of Service DoS...

SUSE SLES15 Security Update : nodejs20 (SUSE-SU-2026:1371-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1371-1 advisory. Update to version 20.20.2. - CVE-2026-21717: trivially predictable hash collisions due to flaw in V8's string hashing mechanism...

CVE-2026-6315

CVE-2026-6315 affects Google Chrome on Android (before version 147.0.7727.101). It is a use-after-free in Permissions that could let a remote attacker who coerces a user into specific UI gestures execute arbitrary code via a crafted HTML page. The connected documents provide the same details and ...

Arturia Software Center 安全漏洞

Arturia Software Center is an application developed by the French company Arturia, used for managing, installing, and updating music production software and plugins. There is a security vulnerability in Arturia Software Center, which stems from improper permission settings in the uninstall.sh...

EulerOS 2.0 SP11 : containerd (EulerOS-SA-2026-1600)

According to the versions of the containerd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and...

CVE-2025-15340

Tanium addressed an incorrect default permissions vulnerability in Comply...

CVE-2025-15339

Tanium addressed an incorrect default permissions vulnerability in Discover...

CVE-2025-15339 Tanium addressed an incorrect default permissions vulnerability in Discover.

Tanium addressed an incorrect default permissions vulnerability in Discover...

CVE-2025-15341 Tanium addressed an incorrect default permissions vulnerability in Benchmark.

Tanium addressed an incorrect default permissions vulnerability in Benchmark...

CVE-2025-15338

Tanium addressed an incorrect default permissions vulnerability in Partner Integration...

CVE-2024-39302

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0 directory with the goal of privilege...

CVE-2022-33163

IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 228571...

Medium: containerd

Issue Overview: containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.0 through 2.2.0-rc.1 have an overly broad default permission vulnerability. Directory paths /var/lib/containerd,...

Mirion Medical EC2 Software NMIS BioDose 安全漏洞

Mirion Medical EC2 Software NMIS BioDose is a software for managing and analyzing biological dosimetry data from Mirion Medical, Germany. A security vulnerability exists in Mirion Medical EC2 Software NMIS BioDose V22.02 and earlier versions, which stems from insecure installation directory...

Security update for containerd

This update for containerd fixes the following issues: Update to containerd v1.7.29 CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132 Patch Instructions: To install...

SUSE-SU-2025:4072-1 Security update for containerd

This update for containerd fixes the following issues: - Update to containerd v1.7.29 - CVE-2024-25621: Fixed an overly broad default permission vulnerability. bsc1253126 - CVE-2025-64329: Fixed a goroutine leaks which can lead to memory exhaustion on the host. bsc1253132...

EUVD-2025-38339

Inappropriate implementation in Permissions in Google Chrome prior to 140.0.7339.80 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...

Apple macOS 安全漏洞

Apple macOS Sequoia is an operating system announced by Apple on June 10, 2024 at the WWDC24 developer conference. Apple macOS Sequoia has a privilege issue vulnerability that can be exploited by attackers to cause an application to access sensitive user data...