17 matches found
CVE-2017-18450
cPanel before 64.0.21 allows certain file-chmod operations via /scripts/convertroundcubemysql2sqlite SEC-255...
EUVD-2004-0904
Malware in sbrugna...
EUVD-2013-3369
Malware in sbrugna...
EUVD-2000-0764
Malware in sbrugna...
EUVD-2020-29482
Malware in sbrugna...
CVE-2025-2713 Improper File Permission Handling in Google gVisor runsc
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...
Cisco APIC Multiple Vulnerabilities (cisco-sa-apic-multi-vulns-9ummtg5)
According to its self-reported version, Cisco Application Policy Infrastructure Controller is affected by multiple vulnerabilities. - A vulnerability in the system file permission handling of Cisco APIC could allow an authenticated, local attacker to overwrite critical system files, which could...
CVE-2024-51448
IBM Robotic Process Automation 21.0.0 through 21.0.7.17 and 23.0.0 through 23.0.18 could allow a local user to escalate their privileges. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.ex...
USN-7059-2: OATH Toolkit vulnerability
USN-7059-1 fixed a vulnerability in OATH Toolkit library. This update provides the corresponding update for Ubuntu 24.10. Original advisory details: Fabian Vogt discovered that OATH Toolkit incorrectly handled file permissions. A remote attacker could possibly use this issue to overwrite root own...
Medium: libtiff
Issue Overview: A NULL pointer dereference in TIFFClose is caused by a failure to open an output file non-existent path or a path that requires permissions like /dev/null while specifying zones. CVE-2023-3316 Affected Packages: libtiff Issue Correction: Run dnf update libtiff --releasever...
EulerOS Virtualization 2.10.0 : curl (EulerOS-SA-2022-2872)
According to the versions of the curl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - libcurl provides the CURLOPTCERTINFO option to allow applications torequest details to be returned about a server's certificate...
CVE-2011-3349
lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation...
Scientific Linux Security Update : ghostscript on SL7.x x86_64 (20181127)
Security Fixes : - ghostscript: .tempfile file permission issues 699657 CVE-2018-15908 - ghostscript: shadingparam incomplete type checking 699660 CVE-2018-15909 - ghostscript: missing type check in type checker 699659 CVE-2018-16511 - ghostscript: incorrect access checking in temp file handling ...
RHEL 7 : ghostscript (RHSA-2018:3650)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:3650 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap...
Design/Logic Flaw
Multiple untrusted search path vulnerabilities in Cisco Unified Communications Manager CUCM 7.1x through 9.11a allow local users to gain privileges by leveraging unspecified file-permission and environment-variable issues for privileged programs, aka Bug ID CSCuh73454...
BlackBook - Multiple Vunerabilities
------------------------------------------------------------------ - EXPL-A-2003-015 exploitlabs.com Advisory 015 ------------------------------------------------------------------ -= BlackBook =- Donnie Werner July 11, 2003 Vunerabilitys: ---------------- 1. XSS executes JS in PHP remotely 2...
[Full-Disclosure] BlackBook - Multiple Vunerabilities
------------------------------------------------------------------ - EXPL-A-2003-015 exploitlabs.com Advisory 015 ------------------------------------------------------------------ -= BlackBook =- Donnie Werner July 11, 2003 Vunerabilitys: ---------------- 1. XSS executes JS in PHP remotely 2...