7 matches found
CVE-2026-20240 Denial of Service through coldToFrozen.sh Script in Splunk Enterprise
In Splunk Enterprise versions below 10.2.2, 10.0.5, 9.4.11, and 9.3.12, and Splunk Cloud Platform versions below 10.4.2603.1, 10.3.2512.9, 10.2.2510.11, 10.1.2507.21, 10.0.2503.13, and 9.3.2411.129, a low-privileged user that does not hold the ‘admin’ or ‘power’ Splunk roles could cause a Denial ...
containerd affected by a local privilege escalation via wide permissions on CRI directory
Impact An overly broad default permission vulnerability was found in containerd. - /var/lib/containerd was created with the permission bits 0o711, while it should be created with 0o700 - Allowed local users on the host to potentially access the metadata store and the content store -...
EUVD-2023-23762
Malicious code in bioql PyPI...
CVE-2025-0750 Cri-o: cri-o path traversal in log handling functions allows arbitrary unmounting
A vulnerability was found in CRI-O. A path traversal issue in the log management functions UnMountPodLogs and LinkContainerLogs may allow an attacker with permissions to create and delete Pods to unmount arbitrary host paths, leading to node-level denial of service by unmounting critical system...
PT-2023-17046 · Robodk · Robodk
Name of the Vulnerable Software and Affected Versions: RoboDK versions 5.5.3 and prior Description: The issue is related to an insecure permission assignment to critical directories, which could allow a local user to escalate privileges and write files to the RoboDK process, achieving code...
CVE-2022-23448
A vulnerability has been identified in SIMATIC Energy Manager Basic All versions V7.3 Update 1, SIMATIC Energy Manager PRO All versions V7.3 Update 1. Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local...
U.S. Dept Of Defense: [██████████] — Directory traversal via `/aerosol-bin/███████/display_directory_████_t.cgi`
Description On the domain https://█████████, there is a vulnerable endpoint that lets an attacker preview and browse the whole server including all the server's critical directories such as etc , var, cache etc. located in the root directory of this Linux web server. This vulnerable endpoint is...