Asterisk 安全漏洞

Asterisk is a software for PBX systems developed by Asterisk OpenSource. It runs on Linux systems and supports IP calls using SIP, IAX, and H323 protocols. Versions prior to 20.7-cert9, 20.18.2, 21.12.1, 22.8.2, and 23.2.2 have security vulnerabilities. These vulnerabilities stem from astcoredump...

Anaconda Miniconda3 安全漏洞

Anaconda Miniconda3 is a free conda minimal installer from Anaconda USA. A security vulnerability exists in Anaconda Miniconda3 versions prior to 23.11.0-1, which stems from a global writable file that is created during installation and executed with root privileges, potentially resulting in...

Anaconda3 安全漏洞

Anaconda3 is a distribution of the Python and R programming languages for scientific computing data science, machine learning applications, large-scale data processing, predictive analytics, etc. from the US-based Anaconda Inc. Dedicated to simplifying package management systems and deployment. A...

EUVD-2025-113159

Malicious code in global-writable-hugo-yonder npm...

PT-2025-3947 · G Data · G Data Management Server

Name of the Vulnerable Software and Affected Versions: G DATA Management Server versions are not explicitly specified in the provided sources. Description: The issue is related to incorrect assignment of privileges of temporary files in the update mechanism, allowing a local, unprivileged attacke...

PT-2025-3948 · G Data · G Data Security Client

Name of the Vulnerable Software and Affected Versions: G DATA Security Client versions are not explicitly specified in the provided descriptions. Description: The issue is related to incorrect assignment of privileges to directories in G DATA Security Client, allowing a local, unprivileged attack...

CVE-2021-46912

A flaw was found in the network sub-component in the Linux Kernel. The tcpallowedcongestioncontrol is global and writable, and writing to it in any net namespace will leak into all other net namespaces...

LG Mobile Security Breach

LG mobile is a series of mobile device products from South Korea's Luckin LG. A security vulnerability exists in LG Mobile. An attacker could use this vulnerability to change the file access mode to globally readable and globally writable...

Cloudflare cloudflared 后置链接漏洞

Cloudflare cloudflared is a cloud server security management platform from American company Cloudflare. The platform provides firewall analysis, cache control, role-based access, and more. A security vulnerability exists in Cloudflare cloudflared Windows 32-bit version 2023.3.0 and earlier, which...

Red Hat openshift node-utils 安全漏洞

Red Hat openshift node-utils is a cloud application Platform-as-a-Service PaaS package from Red Hat, Inc. A security vulnerability exists in Red Hat openshift node-utils, which originates when watchman creates /var/run/watchman.pid and /var/log/watchman.ouput with global writable privileges...

Dell EMC iDRAC Insecure File Permissions Vulnerability

The Dell EMC iDRAC Service Module iSM is a suite of lightweight software from Dell Inc. that runs on servers. The software extends the Integrated Dell EMC Remote Access Controller iDRAC to the host operating system. A security vulnerability exists in the Dell EMC iSM for Linux and XenServer based...

Juniper JSNAPy Global Writable Default Profile Permissions Vulnerability

JSNAPy is Juniper developed Junos Snapshot Administrator open source python version. Juniper JSNAPy is vulnerable to a global writable default configuration file permissions vulnerability. An unprivileged local user could use this insecure file and directory permissions to change files in this...

Puppet Agent Global Writable Module Vulnerability

Puppet is a set of Puppet Labs configuration management tools based on the client/server C/S architecture.Puppet Agent is one of the agents. A security vulnerability exists in Puppet Agent versions prior to 5.3.4 and prior to 1.10.10. An attacker could exploit this vulnerability to assign global...

Foxit Reader Arbitrary Code Execution Vulnerability (CNVD-2016-10596)

Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. An arbitrary code execution vulnerability exists in Foxit Reader for Mac 2.1.0.0804 and earlier and Foxit Reader for Linux 2.1.0.0805 and earlier, which stems from the program's use of default global writable...

Symantec pcAnywhere 12.x不安全文件权限漏洞

BUGTRAQ ID: 51593 CVE ID: CVE-2011-3479 Symantec PCAnywhere是全球最畅销的用于管理服务器和提供管理人员支持的远程控制解决方案。 pcAnywhere对产品安装文件采用全局可写权限，可使本地用户通过修改文件获取权限。 0 Symantec pcAnywhere 12.x 厂商补丁： Symantec -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.symantec.com/business/securityresponse/...