Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/02/12 12:0 a.m.3 views

SUSE SLED15 / SLES15 Security Update : python313-wheel (SUSE-SU-2026:0425-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:0425-1 advisory. - CVE-2026-24049: Fixed absent path sanitization can cause arbitrary file permission modification bsc1257100. Tenable h...

7.1CVSS7.5AI score0.00311EPSS
Exploits2References4
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/03 12:0 a.m.4 views

Security update for python-wheel (important)

openSUSE security update: security update for python-wheel ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20147-1 Rating: important References: bsc1257100 Cross-References: CVE-2026-24049 CVSS scores: CVE-2026-24049 SUSE : 7.7...

7.7CVSS5.5AI score0.00311EPSS
Exploits2References1
OSV
OSV
added 2026/01/26 9:29 p.m.8 views

GHSA-V253-RJ99-JWPQ pnpm has Path Traversal via arbitrary file permission modification

Summary When pnpm processes a package's directories.bin field, it uses path.join without validating the result stays within the package root. A malicious npm package can specify "directories": "bin": "../../../../tmp" to escape the package directory, causing pnpm to chmod 755 files at arbitrary...

6.7CVSS6AI score0.00244EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2024/11/27 12:0 a.m.6 views

CBL Mariner 2.0 Security Update: cups (CVE-2024-35235)

The version of cups installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-35235 advisory. - OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versio...

6.7CVSS6.2AI score0.02421EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/07/26 12:0 a.m.16 views

Samsung Magician for MacOS Privilege Escalation (CVE-2024-31952)

Samsung Magician versions 8.1.0 are vulnerable to a privilege escalation vulnerability due to issues with symbolic linking in the files used during the installation process allowing an attacker to escalate privileges through arbitrary file permission writes. Note that Nessus has not tested for th...

6.7CVSS5.5AI score0.00172EPSS
Exploits0References2
NVD
NVD
added 2024/05/14 3:26 p.m.14 views

CVE-2024-31952

An issue was discovered in Samsung Magician 8.0.0 on macOS. Because symlinks are used during the installation process, an attacker can escalate privileges via arbitrary file permission writes. The attacker must already have user privileges, and an administrator password must be entered during the...

6.7CVSS6.9AI score0.00172EPSS
Exploits0References1
CVE
CVE
added 2024/05/09 5:38 p.m.53 views

CVE-2024-31952

CVE-2024-31952 affects Samsung Magician 8.0.0 on macOS. The root cause is improper handling of symlinks during installation, allowing a local attacker with user privileges to escalate to higher privileges via arbitrary file permission writes. The attacker must be able to run the installer and ent...

6.7CVSS7.4AI score0.00172EPSS
Exploits0References1Affected Software1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.17 views

FreeBSD 4.x,NetBSD 1.4.x/1.5.x/1.6,OpenBSD 3 pppd Arbitrary File Permission Modification Race Condition

No description provided by source. source: http://www.securityfocus.com/bid/5355/info A vulnerability has been reported in some versions of the pppd daemon included with multiple BSD distributions. A race condition error in the code may result in the pppd process changing the file permissions on ...

7.1AI score
Exploits0
NVD
NVD
added 2007/01/09 2:28 a.m.24 views

CVE-2007-0117

DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials BOM files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil...

10CVSS6.9AI score0.05347EPSS
Exploits1References5
Cvelist
Cvelist
added 2007/01/09 2:0 a.m.26 views

CVE-2007-0117

DiskManagementTool in the DiskManagement.framework 92.29 on Mac OS X 10.4.8 does not properly validate Bill of Materials BOM files, which allows attackers to gain privileges via a BOM file under /Library/Receipts/, which triggers arbitrary file permission changes upon execution of a diskutil...

6.9AI score0.05347EPSS
Exploits1References5
Rows per page
Query Builder