Lucene search
K

54 matches found

Vulnrichment
Vulnrichment
added 2026/03/09 10:28 p.m.2 views

CVE-2026-28267

Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user...

6.8CVSS5.7AI score0.00105EPSS
Exploits0References6
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2026/03/09 5:57 a.m.9 views

Improper file access permission settings in multiple Digital Arts products

Overview Multiple products provided by Digital Arts Inc. contains the following vulnerability. Incorrect default permissions CWE-276 - CVE-2026-28267 Kazuma Matsumoto of GMO Cybersecurity by IERAE, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

6.8CVSS6AI score0.00105EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/02/17 12:0 a.m.10 views

IBM Concert 安全漏洞

IBM Concert is a new tool developed by the American international business company IBM. It utilizes generative AI to assist in managing complex cloud-native applications. Versions 1.0.0 to 2.1.0 of IBM Concert contain security vulnerabilities, which stem from improper file permission settings for...

7.4CVSS5.8AI score0.00099EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/22 5:34 p.m.5 views

CVE-2026-20092

A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could allow an authenticated, local attacker with administrative privileges to elevate privileges to root on the virtual appliance. This vulnerability is due to improper file permissions on configuration file...

6CVSS5.6AI score0.00104EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/21 4:26 p.m.6 views

EUVD-2026-3659

A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could allow an authenticated, local attacker with administrative privileges to elevate privileges to root on the virtual appliance. This vulnerability is due to improper file permissions on configuration file...

6CVSS5.7AI score0.00104EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/21 12:0 a.m.7 views

PT-2026-3788

Name of the Vulnerable Software and Affected Versions Cisco Intersight Virtual Appliance affected versions not specified Description A flaw exists in the read-only maintenance shell of the appliance that may allow a local attacker with administrative privileges to gain root access. This is caused...

6CVSS5.4AI score0.00104EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/22 12:0 a.m.3 views

Wondershare MirrorGo 安全漏洞

Wondershare MirrorGo is an Android screen casting and control software from China's Wanxing Technology Wondershare. A security vulnerability exists in Wondershare MirrorGo version 2.0.11.346, which stems from improper file permissions that could lead to local elevation of privileges...

8.5CVSS6.4AI score0.00112EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/11/11 12:0 a.m.3 views

Siemens Spectrum Power 安全漏洞

Siemens Spectrum Power is an energy management system from Siemens Germany. A security vulnerability exists in Siemens Spectrum Power versions prior to V4.70 SP12 Update 2, which stems from improperly set permissions on a binary file, which could result in elevated local privileges...

8.5CVSS6.2AI score0.00099EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-3124

Malware in sbrugna...

7.8CVSS7.5AI score0.00368EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-0193

Malware in sbrugna...

2.1CVSS6AI score0.00481EPSS
Exploits1References16
EUVD
EUVD
added 2025/10/07 12:30 a.m.10 views

EUVD-2017-11876

Malware in sbrugna...

5.5CVSS5.5AI score0.00664EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-48421

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01656EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-23258

Malicious code in bioql PyPI...

5.5CVSS6.6AI score0.00156EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/03 7:0 p.m.3 views

CVE-2025-36193 IBM Transformation Advisor incorrect permissions

IBM Transformation Advisor 2.0.1 through 4.3.1 incorrectly assigns privileges to security critical files which could allow a local root escalation inside a container running the IBM Transformation Advisor Operator Catalog image...

8.4CVSS6.2AI score0.00133EPSS
Exploits0References1
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/08/27 12:0 a.m.5 views

JVN#55678602: Improper file access permission settings in multiple i-フィルター products

Multiple i-フィルター products provided by Digital Arts Inc. contains the following vulnerability. Incorrect default permissions CWE-276 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N Base Score 8.5 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Base Score 7.8 CVE-2025-57846 Impact A...

8.5CVSS7.5AI score0.00138EPSS
Exploits0
Veracode
Veracode
added 2025/07/22 5:30 a.m.7 views

Improper File Permissions

chainguard.dev/melange is vulnerable to improper file permissions. The vulnerability is due to SBOM files in APKs being generated with file system permissions mode 666, which allows an attacker to tamper with the SBOMs...

4.4CVSS7AI score0.00125EPSS
Exploits0References8Affected Software1
Veracode
Veracode
added 2025/07/22 5:11 a.m.4 views

Improper File Permissions

apko is vulnerable to Improper File Permissions. The vulnerability is due to critical files being inadvertently set with world-writable permissions 0666, which allows an attacker to likely escalate privileges to root...

7CVSS7.3AI score0.00118EPSS
Exploits0References6Affected Software1
CNNVD
CNNVD
added 2025/05/01 12:0 a.m.4 views

MSP360 Backup 安全漏洞

MSP360 Backup is a cross-platform data backup and recovery solution from MSP360, which supports hybrid backup with local storage and cloud storage, and provides enterprise-level data protection. A security vulnerability exists in MSP360 Backup version 4.3.1.115, which stems from improper file...

9.8CVSS6.3AI score0.00363EPSS
Exploits0References1
OSV
OSV
added 2025/03/28 4:15 p.m.3 views

DEBIAN-CVE-2025-2713

Google gVisor's runsc component exhibited a local privilege escalation vulnerability due to incorrect handling of file access permissions, which allowed unprivileged users to access restricted files. This occurred because the process initially ran with root-like permissions until the first fork...

7.8CVSS5.2AI score0.00072EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/03/28 12:0 a.m.5 views

PT-2025-13547

Name of the Vulnerable Software and Affected Versions: Google gVisor affected versions not specified Description: The issue is related to a local privilege escalation due to incorrect handling of file access permissions in Google gVisor's runsc component. This allowed unprivileged users to access...

7.8CVSS6.1AI score0.00072EPSS
Exploits0References15
Rows per page
Query Builder