9 matches found

Positive Technologies
added 2025/11/18 12:0 a.m. · 4 views

PT-2025-47328

Name of the Vulnerable Software and Affected Versions: Checkmk versions prior to 2.4.0p16; Checkmk versions prior to 2.3.0p41; Checkmk versions 2.2.0 and older. Description: The mk inotify plugin creates files that are world-readable and writable. This allows any local user on the system to read the...

4.8 CVSS · 6.2 AI score · 0.00089 EPSS
Exploits 0 · References 4
OSV
added 2023/08/03 12:0 p.m. · 3 views

UBUNTU-CVE-2023-38497

Cargo downloads the Rust project’s dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local...

7.9 CVSS · 7 AI score · 0.00763 EPSS
Exploits 0 · References 6
Positive Technologies
added 2023/08/03 12:0 a.m. · 7 views

PT-2023-9267 · Rust +10 · Cargo +10

Name of the Vulnerable Software and Affected Versions: Cargo versions prior to 0.72.2; Rust versions prior to 1.71.1. Description: The issue is related to the Cargo package manager for the Rust programming language, which ignores umask when extracting archives created in UNIX-like systems. This cou...

7.9 CVSS · 7.3 AI score · 0.00846 EPSS
Exploits 0 · References 61
Japan Vulnerability Notes
added 2015/05/21 7:36 a.m. · 3 views

Problem with directory permissions in JP1/Automatic Operation

Overview: There is a problem of permissions on file transfer directory in JP1/Automatic Operation. Impact: Malicious local users might refer or modify transferred files. Solution: Please refer to the 'Vendor Information' section for the official countermeasure and take appropriate action...

3.3 CVSS · 6.5 AI score
Exploits 0 · References 2
OSV
added 2008/11/21 2:30 a.m. · 2 views

DEBIAN-CVE-2008-5188

The (1) ecryptfs-setup-private, (2) ecryptfs-setup-confidential, and (3) ecryptfs-setup-pam-wrapped.sh scripts in ecryptfs-utils 45 through 61 in eCryptfs place cleartext passwords on command lines, which allows local users to obtain sensitive information by listing the process...

7.2 CVSS · 6.4 AI score · 0.00386 EPSS
Exploits 0 · References 1
RedHat Linux
added 2008/05/20 1:22 p.m. · 5 views

setroubleshoot insecure logging

sealert in setroubleshoot 2.0.5 allows local users to overwrite arbitrary files via a symlink attack on the sealert.log temporary file...

4.4 CVSS · 5.8 AI score · 0.00301 EPSS
Exploits 0 · References 4
RedHat Linux
added 2007/11/15 1:31 p.m. · 7 views

(mesg: error: tty device is not owned by group `tty')

xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals...

2.1 CVSS · 5.8 AI score · 0.00399 EPSS
Exploits 0 · References 4
OSV
added 2007/10/04 5:17 p.m. · 3 views

DEBIAN-CVE-2007-5201

The FTP backend for Duplicity before 0.4.9 sends the password as a command line argument when calling ncftp, which might allow local users to read the password by listing the process and its arguments...

4.6 CVSS · 6.8 AI score · 0.00371 EPSS
Exploits 0 · References 1
OSV
added 2003/05/12 4:0 a.m. · 4 views

CVE-2003-0214

run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files...

6.1 AI score
Exploits 0 · References 2