13 matches found
CVE-2010-0180
Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when usesuexec is enabled, uses world-readable permissions for the localconfig files, which allows local users to read sensitive configuration fields, as demonstrated by the database password field and the sitewidesecret field...
EUVD-2024-25912
Malicious code in bioql PyPI...
CVE-2025-27446 Apache APISIX Java Plugin Runner: Local listening file permissions in APISIX plugin runner allow a local attacker to elevate privileges
Incorrect Permission Assignment for Critical Resource vulnerability in Apache APISIXjava-plugin-runner. Local listening file permissions in APISIX plugin runner allow a local attacker to elevate privileges. This issue affects Apache APISIXjava-plugin-runner: from 0.2.0 through 0.5.0. Users are...
Apache Apisix 安全漏洞
Apache Apisix is a cloud-native microservices API gateway service of the U.S. Apache Apache Foundation. The software is based on OpenResty and etcd to realize , with dynamic routing and plug-in hot loading , suitable for microservice system under the API management . An elevation of privilege...
CVE-2024-37369 Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system...
CVE-2024-37369 Rockwell Automation FactoryTalk® View SE Local Privilege Escalation Vulnerability via Local File Permissions
A privilege escalation vulnerability exists in the affected product. The vulnerability allows low-privilege users to edit scripts, bypassing Access Control Lists, and potentially gaining further access within the system...
USN-5954-1 firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-25750, CVE-2023-25752,...
CVE-2018-11453
A vulnerability has been identified in SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V10, V11, V12 All versions, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V13 All versions V13 SP2 Update 2, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V14 All versions V14 SP1 Update 6, SIMATIC STEP 7 TIA...
CVE-2018-11454
A vulnerability has been identified in SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V10, V11, V12 All versions, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V13 All versions V13 SP2 Update 2, SIMATIC STEP 7 TIA Portal and WinCC TIA Portal V14 All versions V14 SP1 Update 6, SIMATIC STEP 7 TIA...
CVE-2012-3449
Open vSwitch 1.4.2 uses world writable permissions for 1 /var/lib/openvswitch/pki/controllerca/incoming/ and 2 /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files...
CVE-2012-0863
Mumble 1.2.3 and earlier uses world-readable permissions for .local/share/data/Mumble/.mumble.sqlite files in home directories, which might allow local users to obtain a cleartext password and configuration data by reading a file...
Samba < 3.0.22 Local File Permissions Credentials Disclosure
Binary data 3499.prm...
[BUGZILLA] Security Advisory - remote database password disclosure
Bugzilla Security Advisory January 2nd, 2002 Severity: major remote database password disclosure, bug 186383 minor local file permissions, bug 183188 Summary ======= All Bugzilla installations are advised to upgrade to the latest versions of Bugzilla, 2.14.5 and 2.16.2, both released today...