EUVD-2025-204603

AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate privileges through the Persits Software EmailAgent service. Attackers can exploit full write permissions in the BIN directory to replace the service executable and gain elevated system access...

CVE-2023-53949 AspEmail 5.6.0.2 Local Privilege Escalation via Binary Permission Vulnerability

AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate privileges through the Persits Software EmailAgent service. Attackers can exploit full write permissions in the BIN directory to replace the service executable and gain elevated system access...

CVE-2023-53949

CVE-2023-53949 affects AspEmail 5.6.0.2. It describes a binary permission vulnerability in the BIN directory that allows local privilege escalation by replacing the Persits Software EmailAgent service executable, enabling elevated system access. The issue is rated high (local, low attack complexi...

CVE-2023-53949 AspEmail 5.6.0.2 Local Privilege Escalation via Binary Permission Vulnerability

AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate privileges through the Persits Software EmailAgent service. Attackers can exploit full write permissions in the BIN directory to replace the service executable and gain elevated system access...

PT-2025-52520

Name of the Vulnerable Software and Affected Versions AspEmail version 5.6.0.2 Description The software contains a binary permission issue that allows local users to gain higher system access. An attacker can replace the service executable within the BIN directory, due to full write permissions, ...

CVE-2024-32009

A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to wrongly set permissions to a binary which allows any local attacker to gain administrative privileges...

CVE-2024-32009

A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to wrongly set permissions to a binary which allows any local attacker to gain administrative privileges...

CVE-2024-32009

A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to wrongly set permissions to a binary which allows any local attacker to gain administrative privileges...

CVE-2024-32009

Summary: CVE-2024-32009 affects Siemens Spectrum Power 4 (all versions

CVE-2024-32009

A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to wrongly set permissions to a binary which allows any local attacker to gain administrative privileges...

EUVD-2024-29847

A vulnerability has been identified in Spectrum Power 4 All versions V4.70 SP12 Update 2. The affected application is vulnerable to a local privilege escalation due to wrongly set permissions to a binary which allows any local attacker to gain administrative privileges...

PT-2025-46534

Name of the Vulnerable Software and Affected Versions Spectrum Power versions prior to 4.70 SP12 Update 2 Description The application is susceptible to a local privilege escalation. Incorrectly configured permissions on a binary allow a local attacker to obtain administrative privileges...

CVE-2019-15119

lib/install/install.go in cnlh nps through 0.23.2 uses 0777 permissions for /usr/local/bin/nps and/or /usr/bin/nps, leading to a file overwrite by a local user...

Rancher Remote Code Execution via Cluster/Node Drivers

Impact A vulnerability has been identified within Rancher where a cluster or node driver can be used to escape the chroot jail and gain root access to the Rancher container itself. In production environments, further privilege escalation is possible based on living off the land within the Rancher...

Amazon Linux 2023 : ImageMagick, ImageMagick-c++, ImageMagick-c++-devel (ALAS2023-2023-121)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-121 advisory. ImageMagick 7.1.0-49 is vulnerable to Denial of Service. When it parses a PNG image e.g., for resize, the convert process could be left waiting for stdin input. CVE-2022-44267 ImageMagick...

SUSE CVE-2019-3688

The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain...

CVE-2021-30490

upsMonitor in ViewPower aka ViewPowerHTML 1.04-21012 through 1.04-21353 has insecure permissions for the service binary that enable an Authenticated User to modify files, allowing for privilege escalation...

Cisco Mobility Services Engine Elevation of Privilege Vulnerability

Cisco Mobility Services Engine MSE is a platform Mobility Services Engine that provides Wi-Fi services from Cisco. The platform collects, stores and manages data from wireless clients, Cisco access points and controllers. A security vulnerability exists in Cisco MSE 8.0.120.7 and prior versions...