CVE-2026-21743

A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow a read-only user to make modification to local users via a file upload to an unprotecte...

CVE-2026-21743

A missing authorization vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow a read-only user to make modification to local users via a file upload to an unprotecte...

CVE-2011-0729

dbusbackend/ls-dbus-backend in the D-Bus backend in language-selector before 0.6.7 does not restrict access on the basis of a PolicyKit check result, which allows local users to modify the /etc/default/locale and /etc/environment files via a 1 SetSystemDefaultLangEnv or 2...

EUVD-1999-0882

Malware in sbrugna...

EUVD-2013-0698

Malware in sbrugna...

EUVD-2013-1834

Malware in sbrugna...

EUVD-2001-1050

Malware in sbrugna...

EUVD-2013-6231

Malware in sbrugna...

EUVD-2012-5986

Malware in sbrugna...

Unspecified Vulnerability in Mattermost (CNVD-2024-35160)

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from a failure to disable modification of local users when synchronizing users in a shared channel. An attacker could use the vulnerability t...

CVE-2023-27133

TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILESX86%\TSplus-RemoteWork\Clients\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remot...

Securepoint SSL VPN Client Access Control Error Vulnerability

Securepoint SSL VPN Client is an open source SSL VPN client for Windows. An access control error vulnerability exists in Securepoint SSL VPN Client v2, which arises from a failure to secure the software's configuration features. An attacker can escalate local privileges to NT AUTHORITYSYSTEM to...

CVE-2014-1934

tag.py in eyeD3 aka python-eyed3 7.0.3, 0.6.18, and earlier for Python allows local users to modify arbitrary files via a symlink attack on a temporary file...

Blue Coat ProxySG Local User Modification Race Condition

The remote Blue Coat ProxySG device's SGOS self-reported version is prior to 6.5.4.0. It is, therefore, potentially affected by a race condition issue during the time before the new changes take effect after a local user account modification due to configuration caching. User account modification...

CVE-2013-6412

The transformsave function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors...

CVE-2013-1815

A flaw was found in PackStack. This vulnerability allows a local user to modify deployed systems by changing the answer file, which is created in insecure directories such as /tmp or the current working directory. This insecure file creation could lead to unauthorized system modifications...

CVE-2001-1069

libCoolType library as used in Adobe Acrobat acroread on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior...

CVE-2000-0604

CVE-2000-0604 involves the gkermit component on Red Hat Linux installed with the setgid uucp bit, enabling local users to modify files owned by uucp. The underlying issue is an improper installation/permission setup of gkermit, which allows a local attacker to gain partial access to files owned b...

CVE-2000-0502

Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to the Central Alert Server, which allows local users to modify alerts in an arbitrary fashion...

Microsoft Windows NT 4.0 - DCOM Server

source: https://www.securityfocus.com/bid/624/info It is possible for a local user to modify how DCOM servers are run, thereby escalating his/her privilege level. The Interactive User has write permissions to the DCOM registry entries. By editing the registry keys associated with DCOM server...