Lucene search
K

9 matches found

NVD
NVD
added 2026/04/23 5:16 a.m.8 views

CVE-2026-41232

Froxlor is open source server administration software. Prior to version 2.3.6, in EmailSender::add, the domain ownership validation for full email sender aliases uses the wrong array index when splitting the email address, passing the local part instead of the domain to...

5CVSS0.00231EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/22 6:31 p.m.7 views

EUVD-2026-24984

The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destination file using the caller's UID/GID rather than the source's metadata. This flaw breaks backups and...

4.2CVSS5.8AI score0.00132EPSS
Exploits1References2
OSV
OSV
added 2025/11/03 4:15 p.m.4 views

CVE-2025-36091

IBM Cloud Pak For Business Automation 25.0.0, 24.0.1, and 24.0.0 could allow an authenticated user to cause dashboards to become inaccessible to legitimate users due to invalid ownership assignment...

4.3CVSS5.8AI score0.0031EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:11 a.m.4 views

SUSE CVE-2019-12447

An issue was discovered in GNOME gvfs 1.29.4 through 1.41.2. daemon/gvfsbackendadmin.c mishandles file ownership because setfsuid is not used...

7.3CVSS7AI score0.01832EPSS
Exploits0References6
Snyk
Snyk
added 2019/04/24 9:29 p.m.4 views

Symlink Attack

Overview Affected versions of this package are vulnerable to Symlink Attack snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory. Remediation...

7.5CVSS5.5AI score0.02486EPSS
Exploits1References2
OSV
OSV
added 2019/04/24 9:29 p.m.4 views

DEBIAN-CVE-2019-11502

snap-confine in snapd before 2.38 incorrectly set the ownership of a snap application to the uid and gid of the first calling user. Consequently, that user had unintended access to a private /tmp directory...

7.5CVSS7.4AI score0.02486EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.28 views

Scientific Linux Security Update : xterm on SL4.x i386/x86_64

A bug was found in the way xterm packages were built that caused the pseudo-terminal device files of the xterm emulated terminals to be owned by the incorrect group. This flaw did not affect Red Hat Enterprise Linux 4 Update 4 and earlier. CVE-2007-2797 %NASLMINLEVEL 70300 C Tenable Network...

2.1CVSS5.3AI score0.00399EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2007/11/15 1:31 p.m.12 views

(mesg: error: tty device is not owned by group `tty')

xterm, including 192-7.el4 in Red Hat Enterprise Linux and 208-3.1 in Debian GNU/Linux, sets the wrong group ownership of tty devices, which allows local users to write data to other users' terminals...

2.1CVSS5.8AI score0.00399EPSS
Exploits0References4
OSV
OSV
added 2007/09/05 1:17 a.m.2 views

DEBIAN-CVE-2007-4135

The NFSv4 ID mapper nfsidmap before 0.17 does not properly handle return values from the getpwnamr function when performing a username lookup, which can cause it to report a file as being owned by "root" instead of "nobody" if the file exists on the server but not on the client...

6.2CVSS6.5AI score0.00341EPSS
Exploits0References1
Rows per page
Query Builder