Incorrect Execution-Assigned Permissions

Overview Affected versions of this package are vulnerable to Incorrect Execution-Assigned Permissions when initialising host directories with 711 and 755 permissions instead of 700. An attacker can gain unauthorized access to sensitive data and potentially escalate privileges by accessing...

Incorrect Execution-Assigned Permissions

Overview Affected versions of this package are vulnerable to Incorrect Execution-Assigned Permissions when initialising host directories with 711 and 755 permissions instead of 700. An attacker can gain unauthorized access to sensitive data and potentially escalate privileges by accessing...

Incorrect Execution-Assigned Permissions

Overview Affected versions of this package are vulnerable to Incorrect Execution-Assigned Permissions via the process responsible for executing system commands. An attacker can execute arbitrary commands on the server by sending crafted requests after authentication. Remediation A fix was pushed...

Incorrect Execution-Assigned Permissions

aws-cdk-lib is vulnerable to Incorrect Execution-Assigned Permissions. The vulnerability is due to unexpected Aspect execution order due to the introduction of a new priority system that overrides hierarchical aspect evaluation, potentially leading to incorrect permissions boundaries being assign...

CVE-2025-21607

The CVE-2025-21607 issue affects the Vyper Pythonic smart contract language compiler when using precompiles EcRecover (0x1) and Identity (0x4); the success flag of those calls isn’t checked, allowing an attacker to allocate gas to cause a precompile to fail while the rest of execution continues, ...

CVE-2023-4665

Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation.This issue affects Saphira Connect: before 9...

Design/Logic Flaw

Incorrect Execution-Assigned Permissions vulnerability in Saphira Saphira Connect allows Privilege Escalation.This issue affects Saphira Connect: before 9...

SaltStack Salt Security Vulnerabilities

SaltStack Salt is a set of open source tools for managing infrastructure from SaltStack. The tool provides configuration management, remote execution, and other features. A security vulnerability exists in SaltStack Salt versions prior to 3005.2 or 3006.2, which stems from the Git provider progra...

If the controller for _data.projectId is not defined, it can lead to incorrect execution of _swap() and theft of funds by the beneficiary.

Lines of code Vulnerability details Impact If the controller is not defined in the swap function, then it becomes impossible to mint and burn tokens, which leads to incorrect execution of the function. IJBController controller = IJBControllerjbxTerminal.directory.controllerOfdata.projectId; Proof...

CVE-2020-8025

A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of th...

CVE-2020-8731

Incorrect execution-assigned permissions in the file system for some IntelR Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access...

Design/Logic Flaw

A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of th...