26 matches found
CVE-2022-27049
Raidrive before v2021.12.35 allows attackers to arbitrarily move log files by pre-creating a mountpoint and log files before Raidrive is installed...
EUVD-2018-17983
Malware in sbrugna...
EUVD-2018-14244
Malware in sbrugna...
EUVD-2023-41847
Malicious code in bioql PyPI...
EUVD-2025-12666
Malicious code in bioql PyPI...
EUVD-2025-7767
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-13882
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not...
CVE-2023-38020
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. IBM X-Force ID: 260576...
CVE-2021-30494
Multiple system services installed alongside the Razer Synapse 3 software suite perform privileged operations on entries within the Razer Chroma SDK subkey. These privileged operations consist of file name concatenation of a runtime log file that is used to store runtime log information. In other...
CVE-2025-27397
A vulnerability has been identified in SCALANCE LPE9403 6GK5998-3GS00-2AC2 All versions V4.0. Affected devices do not properly limit user controlled paths to which logs are written and from where they are read. This could allow an authenticated highly-privileged remote attacker to read and write...
CVE-2024-20506
A vulnerability in the ClamD service module of Clam AntiVirus ClamAV versions 1.4.0, 1.3.2 and prior versions, all 1.2.x versions, 1.0.6 and prior versions, all 0.105.x versions, all 0.104.x versions, and 0.103.11 and all prior versions could allow an authenticated, local attacker to corrupt...
PT-2024-3045 · Oracle · Virtualbox
Name of the Vulnerable Software and Affected Versions: Oracle VM VirtualBox versions prior to 7.0.16 Description: The issue is related to errors in processing input data in the Core component of Oracle VM VirtualBox. This can be exploited by an attacker to elevate privileges or execute arbitrary...
CVE-2023-38020
IBM SOAR QRadar Plugin App 1.0 through 5.0.3 could allow an authenticated user to manipulate output written to log files. IBM X-Force ID: 260576...
CVE-2020-7311
Privilege Escalation vulnerability in the installer in McAfee Agent MA for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files...
CVE-2020-7311
Privilege Escalation vulnerability in the installer in McAfee Agent MA for Windows prior to 5.6.6 allows local users to assume SYSTEM rights during the installation of MA via manipulation of log files...
CVE-2020-7311
Summary: CVE-2020-7311 is a privilege-escalation vulnerability affecting McAfee Agent (MA) for Windows, prior to version 5.6.6. The issue arises in the MA installer, where a local attacker can manipulate log files during installation to obtain SYSTEM-level rights. Affected component: McAfee Agent...
UBUNTU-CVE-2020-13882
CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attacker can set up a log and report file, and contro...
CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation
Exploit Title: CheckPoint Endpoint Security Client/ZoneAlarm 15.4.062.17802 - Privilege Escalation Date: 2019-01-30 Exploit Author: Jakub Palaczynski Vendor Homepage: https://www.checkpoint.com/ Version: Check Point Endpoint Security VPN = E80.87 Build 986009514 Version: Check Point ZoneAlarm =...
Cisco Enterprise NFV Infrastructure Software Cross-Site Scripting Vulnerability
Cisco Enterprise NFV Infrastructure Software is a lightweight virtualization platform that integrates complete VM lifecycle management, monitoring, device programmability, and service chaining in one installable package. A cross-site scripting vulnerability exists in the Web portal framework of...
CVE-2019-8455
A hard-link created from the log file of Check Point ZoneAlarm up to 15.4.062 to any file on the system will get its permission changed so that all users can access that linked file. Doing this on files with limited access gains the local attacker higher privileges to the file...