.NET Elevation of Privilege Vulnerability

Microsoft Security Advisory CVE-2026-26131 – .NET Elevation of Privilege Vulnerability Executive summary Microsoft is releasing this security advisory to provide information about a vulnerability in .NET 10.0. This advisory also provides guidance on what developers can do to update their...

PT-2024-19163 · Apache +1 · Apache Tomcat +1

Name of the Vulnerable Software and Affected Versions: Apache Tomcat affected versions not specified Description: The issue is related to insecure permissions in the packaging of Apache Tomcat, allowing local users to escalate to root if they win a race during package installation. This is a loca...

PT-2023-23971 · Nfpm · Nfpm

Name of the Vulnerable Software and Affected Versions: nfpm affected versions not specified Description: The issue arises when nfpm packages files without maintaining the original file permissions from the source control. This can result in files being packaged with incorrect permissions, such as...

SUSE CVE-2020-8024

A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calling hylafax binaries. This issue affects: openSUSE Leap 15.2 hylafax+ versions prior to...