CVE-2025-55132

A flaw in Node.js's permission model allows a file's access and modification timestamps to be changed via futimes even when the process has only read permissions. Unlike utimes, futimes does not apply the expected write-permission checks, which means file metadata can be modified in read-only...

CVE-2025-55130

A flaw in Node.js’s Permissions model allows attackers to bypass --allow-fs-read and --allow-fs-write restrictions using crafted relative symlink paths. By chaining directories and symlinks, a script granted access only to the current directory can escape the allowed path and read sensitive files...

CVE-2024-45710

SolarWinds Platform is susceptible to an Uncontrolled Search Path Element Local Privilege Escalation vulnerability. This requires a low privilege account and local access to the affected node machine...

CVE-2024-45710

CVE-2024-45710 affects SolarWinds Platform and is described as an Uncontrolled Search Path Element Local Privilege Escalation. The vulnerability arises from an improper handling of search path elements, enabling a low-privilege user with local access to escalate privileges on the affected node. T...

PT-2023-27909 · Cilium · Cilium

Name of the Vulnerable Software and Affected Versions: Cilium versions prior to 1.14.2 Cilium versions prior to 1.13.7 Cilium versions prior to 1.12.14 Description: In Cilium clusters where Cilium's Layer 7 proxy has been disabled, creating workloads with policy.cilium.io/proxy-visibility...