5012 matches found
UBUNTU-CVE-2026-24413
Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...
EUVD-2026-4959
Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...
CVE-2026-24413
Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...
CVE-2026-24413 Icinga has insecure permission of %ProgramData%\icinga2\var on Windows
Icinga 2 is an open source monitoring system. Starting in version 2.3.0 and prior to versions 2.13.14, 2.14.8, and 2.15.2, the Icinga 2 MSI did not set appropriate permissions for the %ProgramData%\icinga2\var folder on Windows. This resulted in the its contents - including the private key of the...
CVE-2025-13905
CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart...
CVE-2025-13905
CVE-2025-13905 maps to Schneider Electric EcoStruxure Process Expert (for AVEVA System Platform) with versions prior to 2025 affected. The issue is CWE-276: Incorrect Default Permissions, enabling privilege escalation via a reverse shell when one or more executable service binaries are modified i...
EUVD-2025-206546
CWE-276: Incorrect Default Permissions vulnerability exists that could cause privilege escalation through the reverse shell when one or more executable service binaries are modified in the installation folder by a local user with normal privilege upon service restart...
CVE-2026-0705
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager Windows before build 6.4.25342.354...
CVE-2026-0705
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager Windows before build 6.4.25342.354...
CVE-2026-0705
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager Windows before build 6.4.25342.354...
EUVD-2026-4788
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager Windows before build 6.4.25342.354...
CVE-2026-0705
CVE-2026-0705 is a local privilege escalation vulnerability caused by insecure folder permissions. The affected product is Acronis Cloud Manager (Windows) , with versions prior to build 6.4.25342.354 . Multiple sources (NVD, Red Hat, CIRCL, CVE list) corroborate the same issue and affected line, ...
CVE-2026-0705
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager Windows before build 6.4.25342.354...
CVE-2026-0705
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager Windows before build 6.4.25342.354...
CVE-2020-36938 WinAVR Version 20100110 - Insecure Folder Permissions
WinAVR version 20100110 contains an insecure permissions vulnerability that allows authenticated users to modify system files and executables. Attackers can leverage the overly permissive access controls to potentially modify critical DLLs and executable files in the WinAVR installation directory...
Directory Traversal
Swing Music is vulnerable to Directory Traversal. The vulnerability is due to insufficient path validation in the listfolders function of the /folder/dir-browser endpoint, which allows an authenticated attacker to traverse the filesystem and browse arbitrary directories on the server...
Acronis Cloud Manager security vulnerabilities
Acronis Cloud Manager is a cloud management tool developed by the Swiss company Acronis. It provides advanced monitoring, management, migration, and recovery for Microsoft cloud environments of various sizes. Versions of Acronis Cloud Manager Windows prior to version 6.4.25342.354 contained...
PT-2026-4968
Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager Windows before build 6.4.25342.354...
CVE-2026-23988 Rufus has Local Privilege Escalation via TOCTOU Race Condition in Fido Script Handling
Rufus is a utility that helps format and create bootable USB flash drives. Versions 4.11 and below contain a race condition TOCTOU in src/net.c during the creation, validation, and execution of the Fido PowerShell script. Since Rufus runs with elevated privileges Administrator but writes the scri...
Azure Linux 3.0 Security Update: junit (CVE-2020-15250)
The version of junit installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2020-15250 advisory. - In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information...