Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2004-1925

Malware in sbrugna...

2.1CVSS6.4AI score0.00353EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-1999-1319

Malware in sbrugna...

5CVSS6.4AI score0.00985EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-1129

Malware in sbrugna...

10CVSS9.5AI score0.01252EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-28223

Malicious code in bioql PyPI...

7.5CVSS6.1AI score0.00796EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/01/17 12:0 a.m.13 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Audacity vulnerability (USN-7211-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-7211-1 advisory. Mike Salvatore discovered that Audacity incorrectly handled default permissions of temporary files created by the application. An attacker...

3.3CVSS5AI score0.00469EPSS
Exploits0References2
NVD
NVD
added 2024/04/19 5:15 a.m.15 views

CVE-2024-29964

Brocade SANnav versions before v2.3.0a do not correctly set permissions on files, including docker files. An unprivileged attacker who gains access to the server can read sensitive information from these files...

6.5CVSS5.3AI score0.0052EPSS
Exploits0References1
Prion
Prion
added 2022/11/09 9:15 p.m.20 views

Security feature bypass

The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality...

5CVSS7.6AI score0.004EPSS
Exploits0References2Affected Software2
Positive Technologies
Positive Technologies
added 2022/08/23 12:0 a.m.4 views

PT-2022-10609 · Unknown · Ansible-Runner

Name of the Vulnerable Software and Affected Versions: ansible-runner version 2.0.0 Description: A flaw was found in ansible-runner where the default temporary files configuration is written to world R/W locations. This flaw allows an attacker to pre-create the directory, resulting in reading...

6.8CVSS6.3AI score0.00264EPSS
Exploits0References14
OSV
OSV
added 2022/07/18 3:15 p.m.5 views

CVE-2022-34891

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists...

7.8CVSS6.2AI score0.00277EPSS
Exploits0References2
OSV
OSV
added 2021/09/08 3:15 p.m.4 views

CVE-2021-1832

Copied files may not have the expected file permissions. This issue is fixed in Security Update 2021-002 Catalina, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. The issue was addressed with improved permissions logic...

5.5CVSS5.8AI score0.00911EPSS
Exploits0References5
CNVD
CNVD
added 2021/06/09 12:0 a.m.6 views

Adobe Premiere Elements Elevation of Privilege Vulnerability

Adobe Premiere Elements is a video editing software. An elevation of privilege vulnerability exists in Adobe Premiere Elements 5.2 and earlier versions. The vulnerability originates from the creation of temporary files in a directory with incorrect permissions. An attacker can exploit the...

6.2CVSS6.7AI score0.00476EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/05/19 12:0 a.m.5 views

The vulnerability of the Cisco AnyConnect Secure Mobility Client’s encryption protection removal process allows a perpetrator to execute arbitrary code with SYSTEM privileges.

The vulnerability of the Cisco AnyConnect Secure Mobility Client’s encryption protection removal process for Windows involves the creation of temporary files with insecure permissions. Exploiting this vulnerability allows a hacker to execute arbitrary code with SYSTEM privileges...

7CVSS7.6AI score0.00249EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/05/19 12:0 a.m.8 views

The vulnerability of the Cisco AnyConnect Secure Mobility Client’s encryption protection removal process allows a perpetrator to execute arbitrary code with SYSTEM privileges.

The vulnerability of the Cisco AnyConnect Secure Mobility Client’s encryption protection removal process for Windows involves the creation of temporary files with insecure permissions. Exploiting this vulnerability allows a hacker to execute arbitrary code with SYSTEM privileges...

7CVSS7.6AI score0.00249EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2021/03/04 9:15 p.m.6 views

AZL-39352 CVE-2021-24032 affecting package ceph for versions less than 16.2.10-3

Beginning in v1.4.1 and prior to v1.4.9, due to an incomplete fix for CVE-2021-24031, the Zstandard command-line utility created output files with default permissions and restricted those permissions immediately afterwards. Output files could therefore momentarily be readable or writable to...

4.7CVSS6.2AI score0.00346EPSS
Exploits0References1
OSV
OSV
added 2021/02/03 6:15 p.m.3 views

CVE-2021-23331

This affects all versions of package com.squareup:connect. The method prepareDownloadFilecreates creates a temporary file with the permissions bits of -rw-r--r-- on unix-like systems. On unix-like systems, the system temporary directory is shared between users. As such, the contents of the file...

3.3CVSS5.8AI score0.00341EPSS
Exploits0References2
OSV
OSV
added 2020/06/16 1:15 p.m.2 views

CVE-2020-13431

I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file because of weak permissions on a certain %PROGRAMFILES% subdirectory...

7.8CVSS7.1AI score0.00309EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/02/21 12:0 a.m.94 views

PHP 7.3.x < 7.3.15, 7.4.x < 7.4.3 Multiple Vulnerabilities (Feb 2020) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

9.1CVSS8.5AI score0.03976EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2020/02/21 12:0 a.m.123 views

PHP < 7.2.28 Multiple Vulnerabilities (Feb 2020) - Windows

PHP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...

7.5CVSS8.5AI score0.0351EPSS
Exploits2References1
OSV
OSV
added 2019/03/12 5:46 p.m.2 views

USN-3907-1 walinuxagent vulnerability

It was discovered that WALinuxAgent created swap files with incorrect permissions. A local attacker could possibly use this issue to obtain sensitive information from the swap file...

6.5CVSS6.4AI score0.05255EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2016/07/30 12:0 a.m.9 views

lives -- insecure files permissions

Debian reports: smogrify script creates insecure temporary files. lives creates and uses world-writable directory...

1.6AI score
Exploits0References2
Rows per page
Query Builder