PT-2025-32871 · Fortinet · Fortindr +4

Name of the Vulnerable Software and Affected Versions: Fortinet FortiMail versions 7.6.0 through 7.6.1 and prior to 7.4.3 Fortinet FortiVoice versions 7.0.0 through 7.0.5 and prior to 7.4.9 Fortinet FortiRecorder versions 7.2.0 through 7.2.1 and prior to 7.0.4 Fortinet FortiCamera versions 7.6.0...

SUSE CVE-2024-2746

Incomplete fix for CVE-2024-1929 The problem with CVE-2024-1929 was that the dnf5 D-Bus daemon accepted arbitrary configuration parameters from unprivileged users, which allowed a local root exploit by tricking the daemon into loading a user controlled "plugin". All of this happened before Polkit...

AZL-37301 CVE-2023-29403 affecting package golang for versions less than 1.21.6-1

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I...

SUSE CVE-2023-29403

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I...

CVE-2021-25399

Improper configuration in Smart Manager prior to version 11.0.05.0 allows attacker to access the file with system privilege...

Apple iOS 安全漏洞

Apple iOS is an operating system developed by Apple Inc. for mobile devices. A security vulnerability exists in Apple iOS, where a local user may be able to create or modify privileged files. The following products and versions are affected: iPhone 6s and later, iPad Pro all models, iPad Air 2 an...

CVE-2019-13528

A specific utility may allow an attacker to gain read access to privileged files in the Niagara AX 3.8u4 JACE 3e, JACE 6e, JACE 7, JACE-8000, Niagara 4.4u3 JACE 3e, JACE 6e, JACE 7, JACE-8000, and Niagara 4.7u1 JACE-8000, Edge 10...

Microsoft Windows NTFS Privileged File Access Enumeration Exploit

Microsoft Windows suffers from an NTFS privileged file access enumeration vulnerability. Attackers possessing user-only rights can gather intelligence or profile other user account activities by brute forcing a correct file name due to inconsistent error messaging. + Credits: John Page aka...

Windows NTFS - Privileged File Access Enumeration

Windows NTFS - Privileged File Access Enumeration + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-NTFS-PRIVILEGED-FILE-ACCESS-ENUMERATION.txt + ISR: ApparitionSec Vendor www.microsoft.com Product Windows...

Microsoft Windows NTFS - Privileged File Access Enumeration

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-NTFS-PRIVILEGED-FILE-ACCESS-ENUMERATION.txt + ISR: ApparitionSec Vendor www.microsoft.com Product Windows NTFS NTFS is a proprietary journaling file system...

Microsoft Windows Kernel Security Feature Bypass (MS15-115: CVE-2015-6113)

A kernel security feature bypass vulnerability has been reported in Microsoft Windows. A remote attacker may exploit this vulnerability by calling a procedure which bypasses access check and allows privileged file access...

Apache 2.0.4x mod_php Module File Descriptor Leakage Vulnerability (2)

No description provided by source. source: http://www.securityfocus.com/bid/9302/info Reportedly, the Apache modphp module may be prone to a vulnerability that may allow a local attacker to gain access to privileged file descriptors. As a result, the attacker may pose as a legitimate server and...

CVE-2010-0790

sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the results of privileged file-access attempts, which allows local users to determine the existence of arbitrary files via the mountpoint name...

ePolicy Orchestrator Symlink Arbitrary Privileged File Access

The remote host is running ePolicy Orchestrator / ProtectionPilot, a system security management solution from McAfee. According to its banner, the Common Management Agent CMA associated with ePolicy Orchestrator / ProtectionPilot on the remote host can be used by local users to view files residin...

Multiple Abuse game vulnerabilities

Buffer overflow, privileged file access...

CVE-2002-1134

Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 Service Pack 5 allows local users to read privileged files...

FreeBSD 4.34.4 - Login Capabilities Privileged File Reading

FreeBSD 4.34.4 - Login Capabilities Privileged File Reading source: https://www.securityfocus.com/bid/3344/info FreeBSD is a freely available, open source implementation of the BSD UNIX Operating System. It is developed and maintained by the FreeBSD Project. It is possible for a user with access ...