18 matches found
EUVD-2003-0638
Malware in sbrugna...
EUVD-2013-4363
Malware in sbrugna...
EUVD-2022-43041
Malicious code in bioql PyPI...
CVE-2022-36830
PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent...
CVE-2025-31182
CVE-2025-31182 : Apple addresses an issue where an app could delete files it should not access due to improper handling of symlinks. The vulnerability affects multiple Apple OS versions and is fixed in visionOS 2.4, macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4, iPadOS 18.4, macOS Sequoia 15.4, and m...
CVE-2023-46870
extcap/nrfsnifferble.py, extcap/nrfsnifferble.sh, extcap/SnifferAPI/.py in Nordic Semiconductor nRF Sniffer for Bluetooth LE 3.0.0, 3.1.0, 4.0.0, 4.1.0, and 4.1.1 have set incorrect file permission, which allows attackers to do code execution via modified bash and python scripts...
Debian dla-4035 : flightgear - security update
The remote Debian 11 host has a package installed that is affected by a vulnerability as referenced in the dla-4035 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4035-1 [email protected] https://www.debian.org/lts/security/...
CVE-2016-10849
cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit SEC-82...
SUSE-SU-2019:1722-1 Security update for glib2
This update for glib2 provides the following fix: Security issues fixed: - CVE-2019-12450: Fixed an improper file permission when copy operation takes place bsc1137001. - CVE-2018-16428: Avoid a null pointer dereference that could crash glib2 users in markup processing bnc1107121. - CVE-2018-1642...
SUSE-SU-2019:14102-1 Security update for glib2
This update for glib2 fixes the following issues: Security issue fixed: - CVE-2019-12450: Fixed an improper file permission when copy operation takes place bsc1137001...
SUSE-SU-2019:1594-1 Security update for glib2
This update for glib2 fixes the following issues: Security issue fixed: - CVE-2019-12450: Fixed an improper file permission when copy operation takes place bsc1137001. Other issue addressed: - glib2 was handling an UNKNOWN connectivity state from NetworkManager as if there was a connection thus...
CVE-2010-0825
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks...
aeNovo Database Content Disclosure Vulnerability
Due to improper file permission settings on the database directory of aeNovo it is possible for a remote attacker to download the product SPDX-FileCopyrightText: 2005 Noam Rathaus Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
Low: Red Hat Security Advisory: cpio security update
An updated cpio package that fixes a umask bug is now available for Red Hat Enterprise Linux 4. This update has been rated as having low security impact by the Red Hat Security Response Team GNU cpio copies files into or out of a cpio or tar archive. It was discovered that cpio uses a 0 umask whe...
CVE-2000-1127
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable...
Netscape Communicator 4.5/4.51/4.6/4.61/4.7/4.72/4.73 - '/tmp' Symlink
source: https://www.securityfocus.com/bid/1201/info Netscape Communicator version 4.73 and prior may be susceptible to a /tmp file race condition when importing certificates. Netscape creates a /tmp file which is world readable and writable in /tmp, without calling stat or fstat on the file. As...
CVE-1999-1545
Joe's Own Editor joe 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users...
CVE-1999-1229
Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file...