8 matches found

NVD
added 2025/05/26 4:15 p.m., 14 views

CVE-2025-23395

Screen 5.0.0 when it runs with setuid-root privileges does not drop privileges while operating on a user supplied path. This allows unprivileged users to create files in arbitrary locations with root ownership, the invoking user's real group ownership and file mode 0644. All data written to the...

CVSS 7.8, EPSS 0.00201
Exploits: 0, References: 2
Patchstack
added 2023/11/14 12:00 a.m., 8 views

WordPress miniorange otp verification Plugin <= 4.2.1 is vulnerable to Broken Access Control

Software: miniorange otp verification; Type: Plugin; Vulnerable versions: = 4.2.1; Fixed in: 4.2.2; OWASP Top 10: A1: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-47776; Patch priority: Medium; CVSS severity: Medium 4.3; PSID: 60649c9bd1ee; Credits: Abdi Pranat...

AI score 6.6, EPSS 0.00322
Exploits: 0, References: 2, Affected Software: 1
SUSE CVE
added 2023/02/15 5:47 a.m., 2 views

SUSE CVE-2012-2111

The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obta...

CVSS 6.5, AI score 6.9, EPSS 0.04803
Exploits: 0, References: 8
Cvelist
added 2018/07/09 6:00 a.m., 16 views

CVE-2018-13606

The mintToken function of a smart contract implementation for ARChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value...

AI score 7.7, EPSS 0.01024
Exploits: 0, References: 2
RedHat Linux
added 2012/04/30 5:35 p.m., 6 views

samba: Incorrect permission checks when granting/removing privileges

The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obta...

CVSS 6.5, AI score 7.4, EPSS 0.04803
Exploits: 0, References: 4
OSV
added 2012/04/30 2:55 p.m., 1 view

DEBIAN-CVE-2012-2111

The (1) CreateAccount, (2) OpenAccount, (3) AddAccountRights, and (4) RemoveAccountRights LSA RPC procedures in smbd in Samba 3.4.x before 3.4.17, 3.5.x before 3.5.15, and 3.6.x before 3.6.5 do not properly restrict modifications to the privileges database, which allows remote authenticated users to obta...

CVSS 6.5, AI score 8.1, EPSS 0.04803
Exploits: 0, References: 1
Debian
added 2009/07/26 3:28 p.m., 21 views

[Backports-security-announce] Security Update for git-core

Sebastian Harl uploaded new packages for git-core which fixed the following security problems: DSA 1777-1, Debian bug 516669. Peter Palfrader discovered that on some architectures files under /usr/share/git-core/templates/ were owned by a non-root user. This allows a user with that uid on the loca...

CVSS 5, AI score 5.9, EPSS 0.05819
Exploits: 0
Tenable Nessus
added 2005/04/14 12:00 a.m., 21 views

GLSA-200504-12 : rsnapshot: Local privilege escalation

The remote host is affected by the vulnerability described in GLSA-200504-12 (rsnapshot: Local privilege escalation). The copysymlink subroutine in rsnapshot follows symlinks when changing file ownership, instead of changing the ownership of the symlink itself. Impact: Under certain circumstances,...

CVSS 4.6, AI score 5.7, EPSS 0.0036
Exploits: 0, References: 3