Lucene search

20 matches found

Vulnrichment
added 2025/12/02 9:3 p.m. · 1 views

CVE-2025-64642 Mirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical Resource

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries...

8 CVSS · 6.5 AI score · 0.00103 EPSS
Exploits 0 · References 1
NVD
added 2025/08/04 8:15 a.m. · 23 views

CVE-2025-41658

CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions...

5.5 CVSS · 0.00115 EPSS
Exploits 0 · References 1
CNNVD
added 2025/08/04 12:0 a.m. · 2 views

CODESYS Runtime Toolkit Security Vulnerability

CODESYS Runtime Toolkit is a comprehensive software development kit for programmable controllers from CODESYS, Germany. It is used to transform embedded platforms or industrial PCs into controllers and supports secondary development. A security vulnerability exists in CODESYS Runtime Toolkit, whi...

5.5 CVSS · 6.6 AI score · 0.00115 EPSS
Exploits 0 · References 2
RedhatCVE
added 2025/05/22 10:24 p.m. · 4 views

CVE-2022-21704

log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable in unix. This could cause problems if log files contain sensitive information. This would affect any users that have not...

5.5 CVSS · 6.7 AI score · 0.00302 EPSS
Exploits 0 · References 1
CNNVD
added 2024/11/15 12:0 a.m. · 4 views

Cisco Industrial Network Director Security Vulnerability

Cisco Industrial Network Director (IND) is an industrial automation management system from the American company Cisco. The system automates the management of industrial Ethernet infrastructure by visualizing its operation. Cisco Industrial Network Director has a security vulnerability that stems fr...

5.5 CVSS · 6.5 AI score · 0.00198 EPSS
Exploits 0 · References 1
OSV
added 2024/09/12 8:15 p.m. · 4 views

CVE-2024-8533

A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges...

8.8 CVSS · 5.8 AI score · 0.01284 EPSS
Exploits 0 · References 1
NVD
added 2024/09/12 8:15 p.m. · 22 views

CVE-2024-8533

A privilege escalation vulnerability exists in the Rockwell Automation affected products. The vulnerability occurs due to improper default file permissions allowing users to exfiltrate credentials and escalate privileges...

8.8 CVSS · 0.01284 EPSS
Exploits 0 · References 1
CVE
added 2024/09/12 8:6 p.m. · 54 views

CVE-2024-8533

The CVE-2024-8533 issue affects Rockwell Automation OptixPanel products (e.g., 2800C OptixPanel Compact, 2800S OptixPanel Standard, Embedded Edge Compute Module). The vulnerability stems from improper default file permissions in the affected software, enabling credential exfiltration and privileg...

8.8 CVSS · 9 AI score · 0.01284 EPSS
Exploits 0 · References 1 · Affected Software 1
CNNVD
added 2024/09/12 12:0 a.m. · 2 views

Rockwell Automation Multiple Products Security Vulnerability

Rockwell Automation 2800C OptixPanel Compact and others are products of Rockwell Automation, Inc. Rockwell Automation 2800C OptixPanel Compact is a compact operator panel. Rockwell Automation 2800S OptixPanel Standard is a standard operator panel. Rockwell Automation Embedded Edge Compute Module is...

8.8 CVSS · 6.8 AI score · 0.01284 EPSS
Exploits 0 · References 2
OSV
added 2024/08/14 8:15 p.m. · 4 views

CVE-2024-7513

CVE-2024-7513 IMPACT: A code execution vulnerability exists in the affected product. The vulnerability occurs due to improper default file permissions allowing any user to edit or replace files, which are executed by an account with elevated permissions...

8.8 CVSS · 6.2 AI score · 0.01656 EPSS
Exploits 0 · References 1
VulnCheck KEV
added 2024/06/18 12:0 a.m. · 8 views

VulnCheck KEV: CVE-2022-22948

VMware vCenter Server contains an incorrect default file permissions vulnerability that allows a remote, privileged attacker to gain access to sensitive information...

6.5 CVSS · 7.3 AI score · 0.13935 EPSS
Exploits 2 · References 1
Vulnrichment
added 2023/10/16 4:20 p.m. · 19 views

CVE-2023-45690 Information leak via default file permissions on Titan MFT and Titan SFTP servers

Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allow a user that's authenticated to the OS to read sensitive files on the filesystem...

6.9 AI score · 0.01481 EPSS
Exploits 1 · References 2
OSV
added 2023/05/03 3:15 p.m. · 2 views

CVE-2023-28724

NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated...

7.1 CVSS · 7.1 AI score · 0.00171 EPSS
Exploits 0 · References 2
Positive Technologies
added 2022/01/19 12:0 a.m. · 4 views

PT-2022-1771 · Unknown · Log4Js-Node

Name of the Vulnerable Software and Affected Versions: log4js-node versions prior to 6.4.0 Description: The issue is related to the default file permissions for log files created by the file, fileSync, and dateFile appenders in log4js-node, which are world-readable in Unix. This could cause...

5.5 CVSS · 5.5 AI score · 0.00302 EPSS
Exploits 0 · References 21
CNNVD
added 2021/09/21 12:0 a.m. · 3 views

SonicWall Global VPN Client Security Vulnerability

SonicWall Global VPN client is VPN software from SonicWall USA that works with the SonicWALL firewall. The software enables remote employees and vendors to access the company's network. A security vulnerability exists in SonicWall Global VPN Client 4.10.5 that stems from incorrect...

7.8 CVSS · 7.6 AI score · 0.00403 EPSS
Exploits 0 · References 3
OSV
added 2021/03/04 9:15 p.m. · 3 views

ALPINE-CVE-2021-24032

Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to...

4.7 CVSS · 6.9 AI score · 0.00346 EPSS
Exploits 0 · References 1
OSV
added 2021/02/08 9:17 p.m. · 3 views

GHSA-5MCR-GQ6C-3HQ2 Local Information Disclosure Vulnerability in Netty on Unix-Like systems

Impact: When netty's multipart decoders are used, local information disclosure can occur via the local system temporary directory if temporarily storing uploads on the disk is enabled. The CVSSv3.1 score of this vulnerability is calculated to be 6.2/10. Vulnerability Details: On unix-like systems, th...

6.2 CVSS · 6.7 AI score · 0.01777 EPSS
Exploits 2 · References 41
CNVD
added 2017/07/25 12:0 a.m. · 2 views

IBM WebSphere Application Server Local Security Bypass Vulnerability

IBM WebSphere Application Server (WAS) is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A security vulnerability exists in IBM WAS that stems from t...

7.1 CVSS · 7 AI score · 0.00373 EPSS
Exploits 0 · References 1
RedHat Linux
added 2012/10/16 1:22 p.m. · 6 views

AMI: insecure default file permissions for /var/cache/jboss-ec2-eap

EC2 Amazon Machine Image (AMI) in JBoss Enterprise Application Platform (EAP) 5.1.2 uses 755 permissions for /var/cache/jboss-ec2-eap/, which allows local users to read sensitive information such as Amazon Web Services (AWS) credentials by reading files in the directory...

2.1 CVSS · 5.8 AI score · 0.00353 EPSS
Exploits 0 · References 4
exploitpack
added 2007/08/30 12:0 a.m. · 21 views

Microworld eScan (Multiple Products) - Local Privilege Escalation

Microworld eScan Multiple Products - Local Privilege Escalation source: https://www.securityfocus.com/bid/25493/info Multiple MicroWorld eScan products are vulnerable to a local privilege-escalation vulnerability because of insecure default file permissions. Attackers can exploit this issue to...

0.3 AI score
Exploits 0