36 matches found
CVE-2025-3086
CVE-2025-3086 affects M-Files Server prior to 25.3.14549. The issue is improper isolation of users, enabling an anonymous user to affect other anonymous users’ views and potentially cause a denial of service. Affected product: M-Files Server. Root cause: improper user isolation between anonymous ...
M-Files Server 安全漏洞
M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 25.3.14549 that stems from improper user isolation and could result in a denial of service...
PT-2024-33484 · Sandboxie · Sandboxie
Name of the Vulnerable Software and Affected Versions: Sandboxie affected versions not specified Description: Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. An authenticated user UserA without privileges can read files created in a sandbo...
Apache Tomcat 安全漏洞
Apache Tomcat is a lightweight Web application server from the American Apache Apache Foundation. The program implements support for Servlets and JavaServer Page JSP. A security vulnerability exists in Apache Tomcat that stems from an incorrect object recovery and reuse vulnerability that could...
The vulnerability of monitoring software and Performance Co-Pilot (PCP) systems, which involves creating temporary files with insecure permissions, allows attackers to carry out attacks using symbolic links and to circumvent user isolation measures provided by PCP.
The vulnerability of the Performance Co-Pilot PCP monitoring and performance visualization software is related to the mixed levels of privileges used by systemd services associated with PCP. Exploiting this vulnerability allows an attacker to carry out attacks using symbolic links and to circumve...
RHEL 9 : pcp (RHSA-2024:2213)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:2213 advisory. Performance Co-Pilot PCP is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...
CVE-2023-6917
performancecopilot/pcp is vulnerable to Creation of Temporary File With Insecure Permissions. The vulnerability is due to the mixed privilege levels utilized by systemd services associated with the package. While certain services operate within the confines of limited user/group privileges, other...
CVE-2023-6917
A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges...
CVE-2023-6917
A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges...
Privilege escalation
A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges...
UBUNTU-CVE-2023-6917
A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges...
CVE-2023-6917
A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges...
CVE-2023-6917
A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges...
CVE-2023-6917 Pcp: unsafe use of directories allows pcp to root privilege escalation
A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges...
PT-2024-6049 · Unknown +5 · Performance Co-Pilot +5
Name of the Vulnerable Software and Affected Versions: Performance Co-Pilot PCP affected versions not specified Description: A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. This...
CVE-2023-28876
A Broken Access Control issue in comments to uploaded files in Filerun through Update 20220202 allows attackers to delete comments on files uploaded by other users...