19 matches found
EUVD-2002-1903
Malware in sbrugna...
EUVD-2020-27443
Malware in sbrugna...
EUVD-1999-1461
Malware in sbrugna...
EUVD-2018-20449
Malware in sbrugna...
EUVD-2010-3898
Malware in sbrugna...
EUVD-2017-4238
Malware in sbrugna...
CVE-2025-53964
Removed by vendor...
Medium: perl-YAML-LibYAML
Issue Overview: YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified CVE-2025-40908 Affected Packages: perl-YAML-LibYAML Issue Correction: Run dnf update perl-YAML-LibYAML --releasever 2023.7.20250623 or dnf update --advisory ALAS2023-2025-1036...
Siemens Mendix Studio Pro
SUMMARY Mendix Studio Pro contains a vulnerability in the module installation process, that could allow an attacker to write or modify arbitrary files in directories outside a developer’s project directory. Siemens has released new versions for several affected products and recommends to update...
CVE-2024-39916
FOG is a free open-source cloning/imaging/rescue suite/inventory management system. There is a security issue with the NFS configuration in /etc/exports generated by the installer that allows an attacker to modify files outside the export in the default installation. The exports have the...
CVE-2020-7583
A vulnerability has been identified in Automation License Manager 5 All versions, Automation License Manager 6 All versions V6.0.8. The application does not properly validate the users' privileges when executing some operations, which could allow a user with low permissions to arbitrary modify...
CVE-2025-24406 Adobe Commerce | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)
Adobe Commerce versions 2.4.8-beta1, 2.4.7-p3, 2.4.6-p8, 2.4.5-p10, 2.4.4-p11 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to a security feature bypass. An unauthenticated attacker could exploit this...
Kata Containers Security Vulnerability
Kata Containers is an open source lightweight virtual machine builder from the Kata Containers community. A security vulnerability exists in Kata Containers versions prior to 1.11.5 that stems from an improper file permission vulnerability affecting Kata containers. When using a Kubernetes hostPa...
SAP ERP Client E-Bilanz Access Control Error Vulnerability
SAP ERP is a series of software for ERP management from SAP in Germany. An Access Control Error vulnerability exists in SAP ERP Client E-Bilanz version 1.0, which stems from an installation setting incorrectly setting the default file system permissions in its installation folder, allowing anyone...
Vulnerability of the 1C-Bitrix web project management system: Website management that allows malicious actors to bypass access restrictions
Vulnerability of the 1C-Bitrix web project management system: Website management related to errors in the integrity control mechanism of the control scripts. Exploiting this vulnerability allows a malicious actor to manipulate the integrity check mechanism and modify files within the system witho...
CVE-2002-1924
PowerChute plus 5.0.2 creates a "Pwrchute" directory during installation that is shared and world writeable, which could allow remote attackers to modify or create files in that directory...
Security bugs in interactions between IE 5.x, IIS 5.0 and Exchange 2000
Georgi Guninski security advisory 40, 2001 Security bugs in interactions between IE 5.x, IIS 5.0 and Exchange 2000 Systems affected: The bug is in IE 5.x Win2K, probably others but interaction with IIS 5.0 or Exchange web storage is required Risk: High Date: 28 March 2001 Legal Notice: This...
CVE-2000-0431
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files...
Security Update for Microsoft Office 2016 (KB4475581) 64-Bit Edition
A security vulnerability exists in Microsoft Office 2016 64-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...