Lucene search
+L

17 matches found

redhatcve
redhatcve
added 2026/01/09 9:33 a.m.7 views

CVE-2024-39302

BigBlueButton is an open-source virtual classroom designed to help teachers teach and learners learn. An attacker may be able to exploit the overly elevated file permissions in the /usr/local/bigbluebutton/core/vendor/bundle/ruby/2.7.0/gems/resque-2.6.0 directory with the goal of privilege...

3.7CVSS4.1AI score0.00454EPSS
Exploits0References1
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-25031

Malware in sbrugna...

7.8CVSS7.5AI score0.00944EPSS
Exploits0References3
euvd
euvd
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-26553

Malware in sbrugna...

8.8CVSS8.6AI score0.01152EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-4299

Malware in sbrugna...

3.6CVSS8AI score0.00357EPSS
Exploits0References9
osv
osv
added 2025/06/03 12:59 p.m.8 views

PSF-2025-5

Allows modifying some file metadata e.g. last modified with filter="data" or file permissions chmod with filter="tar" of files outside the extraction directory. You are affected by this vulnerability if using the tarfile module to extract untrusted tar archives using TarFile.extractall or...

5.3CVSS8.1AI score0.00637EPSS
Exploits1References13
redhatcve
redhatcve
added 2025/05/22 7:34 p.m.10 views

CVE-2021-28646

An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations...

5.5CVSS6.8AI score0.00424EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/22 3:12 p.m.8 views

CVE-2020-14156

userchannel/passwdmgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /etc/ipmi-pass has strong file permissions...

8.8CVSS6.8AI score0.01809EPSS
Exploits0
cve
cve
added 2025/01/29 4:59 p.m.75 views

CVE-2025-24791

CVE-2025-24791 affects snowflake-connector-nodejs (Snowflake NodeJS Driver) on Linux. The vulnerability allows bypassing file permissions checks for the temporary credential cache, exploitable by an attacker with write access to the local cache directory. Affected versions are 1.12.0 through 2.0....

5.5CVSS4.7AI score0.00143EPSS
Exploits0References2Affected Software1
jvn
jvn
added 2023/07/19 5:48 a.m.2 views

File and Directory Permissions Vulnerability in Hitachi Command Suite

Overview A File and Directory Permissions Vulnerability CVE-2020-36695 exists in Hitachi Command Suite. Impact Regarding the impact of the vulnerability, please refer to the vendor advisory. Solution Please refer to the 'Vendor Information' section for the official countermeasure and take...

7.8CVSS6.9AI score0.00148EPSS
Exploits0References4
nvd
nvd
added 2022/05/17 8:15 p.m.23 views

CVE-2022-0486

Improper file permissions in the CommandPost, Collector, Sensor, and Sandbox components of Fidelis Network and Deception enables an attacker with local, administrative access to the CLI to modify affected files and enable escalation of privileges equivalent to the root user. The vulnerability is...

7.8CVSS0.0038EPSS
Exploits1References1
redhatcve
redhatcve
added 2021/10/04 8:23 p.m.52 views

CVE-2021-41089

A file permissions vulnerability was found in Moby Docker Engine. Copying files by using docker cp into a specially-crafted container can result in Unix file permission changes for existing files in the host's filesystem, which might lead to permissions escalation and allow an attacker access to...

6.3CVSS1.3AI score0.0027EPSS
Exploits0References4
prion
prion
added 2020/11/17 10:15 p.m.29 views

Input validation

An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest...

3.6CVSS6.8AI score0.00368EPSS
Exploits0References5Affected Software1
nvd
nvd
added 2018/12/21 3:29 p.m.21 views

CVE-2018-18332

A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations...

7.5CVSS7.5AI score0.01366EPSS
Exploits0References1
freebsd
freebsd
added 2015/07/29 12:0 a.m.27 views

froxlor -- database password information leak

[email protected] reports: An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...

9.8CVSS9.3AI score0.03144EPSS
Exploits0References2
zdt
zdt
added 2015/06/17 12:0 a.m.1294 views

Ubuntu 12.04 / 14.04 / 14.10 / 15.04 overlayfs Local Root Exploit

The overlayfs filesystem does not correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an unprivileged process in kernels with CONFIGUSERNS=y and where overlayfs has the FSUSERNSMOUNT flag, which allows the mounting of overlayfs insi...

7.2CVSS0.5AI score0.37679EPSS
Exploits22
openvas
openvas
added 2013/03/12 12:0 a.m.33 views

CentOS Update for infiniband-diags CESA-2013:0509 centos6

Check for the Version of infiniband-diags OpenVAS Vulnerability Test CentOS Update for infiniband-diags CESA-2013:0509 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/o...

5CVSS6.3AI score0.02821EPSS
Exploits0References2
exploitpack
exploitpack
added 1999/08/25 12:0 a.m.16 views

Microsoft Internet Explorer 5 - FTP Password Storage

Microsoft Internet Explorer 5 - FTP Password Storage Microsoft Internet Explorer 5.0 for Windows 2000/Windows NT 4 FTP Password Storage Vulnerability source: https://www.securityfocus.com/bid/610/info FTP usernames and passwords for sites accessed via Internet Explorer 5.X are stored cleartext in...

7.4AI score
Exploits0
Rows per page
Query Builder