11 matches found
EUVD-2020-6090
Malware in sbrugna...
CVE-2025-24791 snowflake-connector-nodejs has incorrect validation of temporary credential cache file permissions
snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This...
Race condition
In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21290
In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-21290
CVE-2023-21290 affects Google Android (MmsProvider.java) and is due to a race condition that can bypass file permission checks. This enables local denial of service with no additional execution privileges and requires no user interaction to exploit. Public references indicate Android security bul...
Authorization Bypass
kernel-rt is vulnerable to authorization bypass. A flaw was found in the way file permission checks for the /dev/cpu/x/msr files were performed in restricted root environments for example, when using a capability-based security model. A local user with the ability to write to these files could us...
Important: Red Hat Security Advisory: kernel security update
Updated kernel packages that fix two security issues are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
CVE-2010-0825
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks...
CVE-2010-0825
CVE-2010-0825 affects movemail in emacs 22 and 23. The vulnerability arises in lib-src/movemail.c, where a symlink attack combined with improper file-permission checks lets a local user read, modify, or delete arbitrary mailbox files. The issue is documented across multiple advisories (Mandriva M...
CVE-2010-0825
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks...
CVE-2010-0825
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks...