17 matches found
USN-7983-1: containerd vulnerabilities
David Leadbeater discovered that containerd incorrectly set certain directory path permissions. An attacker could possibly use this issue to achieve unauthorised access to the files. (CVE-2024-25621) It was discovered that containerd did not properly handle the execution of the goroutine of contain...
EUVD-2020-3344
Malware in sbrugna...
EUVD-2022-4758
Malicious code in bioql PyPI...
PT-2024-6246 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows (affected versions not specified). Description: The issue is related to a security feature bypass vulnerability in the Windows Security Zone Mapping component. This vulnerability is caused by incorrect path equivalence permissions...
CVE-2023-50236
A vulnerability has been identified in Polarion ALM (All versions < V2404.0). The affected product is vulnerable due to weak file and folder permissions in the installation path. An attacker with local access could exploit this vulnerability to escalate privileges to NT AUTHORITY\SYSTEM...
PT-2022-12371 · Sage · Sage 300 Erp
Name of the Vulnerable Software and Affected Versions: Sage 300 ERP versions through 6.8.x. Description: The installer configures the C:\Sage\Sage300\Runtime directory to be the first entry in the system-wide PATH environment variable. However, this directory is writable by unprivileged users because...
CVE-2020-10939
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation...
CVE-2020-10939
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation...
Privilege escalation
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation...
CVE-2020-10939
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation...
GOG Galaxy Local Elevation of Privilege Vulnerability
GOG Galaxy is a game client program. The program is used to install, launch and update games. A security vulnerability exists in the file system permissions of the installation path in GOG Galaxy version 1.2.45.61. An attacker can exploit this vulnerability by overwriting an executable file to...
AccuPOS Insecure Privilege Vulnerability
AccuPOS is a retail system from the American company AccuPOS. The system features order management, payment management and inventory management. An insecure privilege vulnerability exists in AccuPOS version 2017.8, which stems from the program assigning insecure 'Authenticated Users: Modify'...
Ubuntu Update for pam vulnerability USN-959-2
Ubuntu Update for Linux kernel vulnerabilities USN-959-2 OpenVAS Vulnerability Test $Id: gbubuntuUSN9592.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for pam vulnerability USN-959-2 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.n...
Ubuntu Update for pam vulnerability USN-959-1
Ubuntu Update for Linux kernel vulnerabilities USN-959-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN9591.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for pam vulnerability USN-959-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.n...
Ubuntu 9.10 / 10.04 LTS : pam vulnerability (USN-959-1)
Denis Excoffier discovered that the PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps. A local attacker could exploit this to gain root privileges. Note that Tenable Network Security has extracted the preceding description block directly from the...
USN-959-1: PAM vulnerability
Denis Excoffier discovered that the PAM MOTD module in Ubuntu did not correctly handle path permissions when creating user file stamps. A local attacker could exploit this to gain root privileges...
Test both the JSP environment the following security vulnerabilities-vulnerability warning-the black bar safety net
Author: xy7BCT. This is my first time testing JSP program vulnerabilities; to be exact, it is a poor server configuration leading to security risks. If anything is wrong, I hope everyone will point it out!!! Previously, in some articles, I saw a vulnerability on JSP sites that exposes the source code of any file, and today finall...