3 matches found
CVE-2025-34436
AVideo is affected by an IDOR in the file upload feature: versions prior to 20.1 allow any authenticated user to upload files into directories owned by other users because ownership checks are not enforced, despite authentication being required. The issue stems from lack of authorization for the ...
Red Hat ceph-ansible Security Vulnerability
Red Hat ceph-ansible is an Ansible manual for deploying the distributed file system Ceph from Red Hat USA. A security vulnerability exists in ceph-ansible that stems from insecure ownership of the etc ceph iscsi-gateway.conf configuration file...
CVE-2016-8641
A privilege escalation vulnerability was found in nagios 4.2.x that occurs in daemon-init.in when creating necessary files and insecurely changing the ownership afterwards. It's possible for the local attacker to create symbolic links before the files are to be created and possibly escalating the...