SUSE CVE-2023-43635
Vault Key Sealed With SHA1 PCRs: The measured boot solution implemented in EVE OS leans on a PCR locking mechanism. Different parts of the system update different PCR values in the TPM, resulting in a unique value for each PCR entry. These PCRs are then used in order to seal/unseal a key from the...
uutils coreutils Path Traversal Vulnerability
uutils coreutils is a cross-platform core command-line toolset developed by Uutils. uutils coreutils has a path traversal vulnerability. This vulnerability arises from bypassing the security mechanism that protects the current directory, potentially leading to unexpected or malicious execution of...
GHSA-H5FG-JPGR-RV9C Vert.x-Web Access Control Flaw in StaticHandler’s Hidden File Protection for Files Under Hidden Directories
Description: There is a flaw in the hidden file protection feature of Vert.x Web’s StaticHandler when setIncludeHidden(false) is configured. In the current implementation, only files whose final path segment (i.e., the file name) begins with a dot (.) are treated as “hidden” and are blocked from being...
EUVD-2017-9592
Malware in sbrugna...
EUVD-2006-0704
Malware in sbrugna...
EUVD-2020-26914
Malware in sbrugna...
CVE-2023-6119
An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. This is caused by GetSusp not correctly protecting a directory that it creates during execution...
CVE-2024-32861
CVE-2024-32861 affects Software House C•CURE 9000 Site Server (3.00.3 and earlier). Root cause: installer directories containing executables (C:\CouchDB\bin) are given unnecessarily wide permissions. Impact: potential exposure of credentials and other sensitive data; CVSS v3.1 base 7.8 (LOCAL, LO...
Tenable Network Security Nessus Agent Elevation of Privilege Vulnerability
The Tenable Network Security Nessus Agent is a component of the Nessus Vulnerability Scanning Tool developed by Tenable to extend scanning capabilities to other devices on the network. An elevation of privilege vulnerability exists in Tenable Network Security Nessus Agent that stems from a failur...
Tenable Network Security Nessus Security Vulnerability
The Tenable Network Security Nessus Agent is a component of the Nessus Vulnerability Scanning Tool developed by Tenable to extend scanning capabilities to other devices on the network. An elevation of privilege vulnerability exists in Tenable Network Security Nessus Agent that stems from a failur...
Privilege escalation
An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level. This is caused by GetSusp not correctly protecting a directory that it creates during execution...
Weak Password Policy Directory Protection
Hello, The strong Password Policy is everywhere in place. BUT the Directory Protection Part allows to bypass this strong Password Policy and setting a Password like 1. This is very easy to bruteforce. Let's see: Password is set to 1 and it will get accepted. As you can see the Password got...
Github Git Code Issue Vulnerability
Github Git is a free, open source distributed version control system. A security vulnerability exists in Github Git that originates from the ability to bypass secure directory protection and affects the following products and versions: Git versions prior to 2.37.1, 2.36.2, 2.35.4, 2.34.4, 2.33.4,...
GHSA-2C28-7GWV-CPGF Mediawiki tarball is missing .htaccess files
Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible...
CVE-2021-37704 Exposed phpinfo() in PhpFastCache
PhpFastCache is a high-performance backend cache system (Packagist package phpfastcache/phpfastcache). In versions before 6.1.5, 7.1.2, and 8.0.7 the phpinfo can be exposed if the /vendor is not protected from public access. This is a rare situation today since the vendor directory is often located...
openGauss: Restricting the Permission for the ${GAUSSHOME}/share Directory
The ${GAUSSHOME}/share directory stores the shared components of openGauss. To prevent them from being tampered with or damaged, the directory must be protected and deny unauthorized user access. Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from a referenced source...
CVE-2017-18476
Leech Protect in cPanel before 62.0.4 does not protect certain directories (SEC-205)...
UBUNTU-CVE-2018-13258
Mediawiki 1.31 before 1.31.1 misses .htaccess files in the provided tarball used to protect some directories that shouldn't be web accessible...
Unable to Delete Credentials
Challenge: When attempting to delete credentials from the credentials manager, a message box states: "Unable to delete credentials because they are currently in use. See details for more info." Cause: You cannot delete a record that is already used for any component in the backup infrastructure...
TippingPoint SMS Server Authentication Bypass Vulnerability
This vulnerability may allow attackers to access sensitive information from vulnerable TippingPoint SMS servers. The specific flaw exists within the web management interface. Due to insufficient protections on specific directories, an attacker with access to the web interface may be able to view...