54 matches found
CVE-2026-28267
Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user...
Improper file access permission settings in multiple Digital Arts products
Overview Multiple products provided by Digital Arts Inc. contains the following vulnerability. Incorrect default permissions CWE-276 - CVE-2026-28267 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
IBM Concert 安全漏洞
IBM Concert is a new tool developed by the American international business company IBM. It utilizes generative AI to assist in managing complex cloud-native applications. Versions 1.0.0 to 2.1.0 of IBM Concert contain security vulnerabilities, which stem from improper file permission settings for...
CVE-2026-20092
A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could allow an authenticated, local attacker with administrative privileges to elevate privileges to root on the virtual appliance. This vulnerability is due to improper file permissions on configuration file...
EUVD-2026-3659
A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could allow an authenticated, local attacker with administrative privileges to elevate privileges to root on the virtual appliance. This vulnerability is due to improper file permissions on configuration file...
PT-2026-3788
Name of the Vulnerable Software and Affected Versions Cisco Intersight Virtual Appliance affected versions not specified Description A flaw exists in the read-only maintenance shell of the appliance that may allow a local attacker with administrative privileges to gain root access. This is caused...
Wondershare MirrorGo 安全漏洞
Wondershare MirrorGo is an Android screen casting and control software from China's Wanxing Technology Wondershare. A security vulnerability exists in Wondershare MirrorGo version 2.0.11.346, which stems from improper file permissions that could lead to local elevation of privileges...
Siemens Spectrum Power 安全漏洞
Siemens Spectrum Power is an energy management system from Siemens Germany. A security vulnerability exists in Siemens Spectrum Power versions prior to V4.70 SP12 Update 2, which stems from improperly set permissions on a binary file, which could result in elevated local privileges...
EUVD-2018-3124
Malware in sbrugna...
EUVD-2017-0193
Malware in sbrugna...
EUVD-2017-11876
Malware in sbrugna...
EUVD-2024-48421
Malicious code in bioql PyPI...
EUVD-2024-23258
Malicious code in bioql PyPI...
CVE-2025-36193 IBM Transformation Advisor incorrect permissions
IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Transformation Advisor Operator Catalog image...
JVN#55678602: Improper file access permission settings in multiple i-フィルター products
Multiple i-フィルター products provided by Digital Arts Inc. contains the following vulnerability. Incorrect default permissions CWE-276 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 8.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 7.8 CVE-2025-57846 Impact A...
Improper File Permissions
chainguard.dev/melange is vulnerable to improper file permissions. The vulnerability is due to SBOM files in APKs being generated with file system permissions mode 666, which allows an attacker to tamper with the SBOMs...
Improper File Permissions
apko is vulnerable to Improper File Permissions. The vulnerability is due to critical files being inadvertently set with world-writable permissions 0666, which allows an attacker to likely escalate privileges to root...
MSP360 Backup 安全漏洞
MSP360 Backup is a cross-platform data backup and recovery solution from MSP360, which supports hybrid backup with local storage and cloud storage, and provides enterprise-level data protection. A security vulnerability exists in MSP360 Backup version 4.3.1.115, which stems from improper file...
DEBIAN-CVE-2025-2713
Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...
PT-2025-13547
Name of the Vulnerable Software and Affected Versions: Google gVisor affected versions not specified Description: The issue is related to a local privilege escalation due to incorrect handling of file access permissions in Google gVisor's runsc component. This allowed unprivileged users to access...