Lucene search
K

22 matches found

Cvelist
Cvelist
added 2026/03/09 10:28 p.m.42 views

CVE-2026-28267

Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user...

6.8CVSS0.00105EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/01/09 12:16 p.m.11 views

CVE-2018-1000148

An exposure of sensitive information vulnerability exists in Jenkins Copy To Slave Plugin version 1.4.4 and older in CopyToSlaveBuildWrapper.java that allows attackers with permission to configure jobs to read arbitrary files from the Jenkins master file system...

6.5CVSS6.2AI score0.00988EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2002-0352

Malware in sbrugna...

2.1CVSS6.4AI score0.00341EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-1344

Malicious code in bioql PyPI...

9CVSS6.4AI score0.00368EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-3274

Malicious code in bioql PyPI...

9.8CVSS9.3AI score0.01721EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-8644

Malicious code in bioql PyPI...

7.8CVSS6.3AI score0.00072EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.10 views

EUVD-2022-5816

Malicious code in bioql PyPI...

8.8CVSS8.4AI score0.01423EPSS
Exploits0References5
NVD
NVD
added 2025/06/26 3:15 p.m.9 views

CVE-2025-52900

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the...

5.5CVSS0.0019EPSS
Exploits1References2
CVE
CVE
added 2025/06/26 2:35 p.m.30 views

CVE-2025-52900

Summary: CVE-2025-52900 affects the File Browser project. On servers running versions prior to 2.33.7, the application does not explicitly set permissions for uploaded/created files and its database, so file access is governed by the system umask. This can allow all OS accounts on the server to r...

5.5CVSS7.1AI score0.0019EPSS
Exploits1References2Affected Software1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/06/03 5:40 a.m.4 views

Improper file access permission settings in PC Time Tracer

Overview PC Time Tracer provided by Keiyo System Co., LTD contains a vulnerability listed below. Incorrect default permissions CWE-276 - CVE-2025-46355 Ruslan Sayfiev and Masahiro Kawada of GMO Cybersecurity by Ierae, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the develop...

7.3CVSS6.5AI score0.00139EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/03/30 4:47 p.m.21 views

CVE-2025-2713

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...

7.8CVSS7.2AI score0.00072EPSS
Exploits0References1
NVD
NVD
added 2025/03/28 4:15 p.m.24 views

CVE-2025-2713

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...

7.8CVSS0.00072EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 3:27 p.m.11 views

CVE-2025-2713 Improper File Permission Handling in Google gVisor runsc

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...

6.8CVSS5.9AI score0.00072EPSS
Exploits0References4
NVD
NVD
added 2020/11/02 9:15 p.m.20 views

CVE-2020-28044

An attacker with physical access to a PAX Point Of Sale device with ProlinOS through 2.4.161.8859R can boot it in management mode, enable the XCB service, and then list, read, create, and overwrite files with MAINAPP permissions...

7.2CVSS6.4AI score0.00337EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2018/10/30 2:30 p.m.531 views

Windows 10 Bug Let UWP Apps Access All Files Without Users' Consent

Microsoft silently patched a bug in its Windows 10 operating system with the October 2018 update version 1809 that allowed Microsoft Store apps with extensive file system permission to access all files on users' computers without their consent. With Windows 10, Microsoft introduced a common...

0.6AI score
Exploits0
Veracode
Veracode
added 2018/02/26 3:49 p.m.14 views

Incorrect Default Permissions

npm is vulnerable to authorization bypass. During installation, the file access permissions on the local system are bypassed due to a change in ownership of the /etc/ and /usr directories, allowing a malicious file system access...

7.8CVSS7.2AI score0.00327EPSS
Exploits0References3Affected Software1
myhack58
myhack58
added 2014/07/14 12:0 a.m.14 views

Upload the file of trap II pure alphanumeric. swf is a vulnerability?- Vulnerability warning-the black bar safety net

0x00 background In a previous uploaded file trap , the author mentioned for flash cross-domain data hijacking,sometimes does not need us to upload a file. Because we can simply use the JSONP interface,the flash content is assigned to the callback to be used. Just like in the comments@Sogili...

7.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/01/24 12:0 a.m.52 views

RHEL 4 : JBoss EAP (RHSA-2008:0831)

Updated JBoss Enterprise Application Platform JBEAP 4.3 packages that fix various security issues are now available for Red Hat Enterprise Linux 4 as JBEAP 4.3.0.CP02. This update has been rated as having low security impact by the Red Hat Security Response Team. JBoss Enterprise Application...

6.4CVSS6AI score0.05156EPSS
Exploits2References6
OpenVAS
OpenVAS
added 2012/06/06 12:0 a.m.29 views

RedHat Update for libvirt RHSA-2011:0479-01

Check for the Version of libvirt OpenVAS Vulnerability Test RedHat Update for libvirt RHSA-2011:0479-01 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

3.3CVSS7AI score0.01199EPSS
Exploits0References2
ThreatPost
ThreatPost
added 2010/04/30 8:16 p.m.7 views

MS Offers SharePoint Zero Day Workaround

Microsoft offered an interim work-around for a SharePoint bug that involved disabling access to the help system by running a pair of commands from the command prompt. The commands modify the access control list ACL, Windows’ list of file access permissions. Read the full article. Computerworld...

3.2AI score
Exploits0References1
Rows per page
Query Builder