16 matches found
CVE-2026-29127
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...
EUVD-2026-9523
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...
CVE-2026-29127 Incorrect Permission Assignment(777) on `monitor` Users Home Directory Containing SUID Root Binaries in IDC SFX2100
The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...
PT-2026-23128
Name of the Vulnerable Software and Affected Versions IDC SFX2100 versions affected versions not specified Description The IDC SFX2100 Satellite Receiver has overly permissive file system permissions set on the monitor user's home directory. The directory is configured with permissions 0777,...
Linux Distros Unpatched Vulnerability : CVE-2019-17383
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem...
World Writable Directory in /var/log/below Allows Local Privilege Escalation
Below is a tool for recording and displaying system data like hardware utilization and cgroup information on Linux. Symlink Attack in /var/log/below/errorroot.log Below's systemd service runs with full root privileges. It attempts to create a world-writable directory in /var/log/below. Even if th...
CVE-2023-48648
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions such as the Mkdir function gives universal access 0777 to created folders by default. Excessive permissions can be granted when creating...
PT-2023-4600 · Unknown +3 · Libarchive +3
Name of the Vulnerable Software and Affected Versions: Libarchive versions 3.6.2 and earlier Description: The issue is caused by a race condition with the umask call inside archive write disk posix.c, which can lead to a permanent umask 0 setting. This can result in implicit directory creation wi...
SUSE CVE-2008-7251
libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors...
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir NULL NULL) and files using g_file_replace_contents (kfsb->file contents length NULL FALSE G_FILE_CREATE_REPLACE_DESTINATION NULL NULL NULL). Consequently it does not properly restrict directory (and file) permissions. Instead for directories 0777 permissions are used; for files default file permissions are used. This is similar to CVE-2019-12450.
...
UBUNTU-CVE-2019-17383
The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem...
DEBIAN-CVE-2019-13012
The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...
CVE-2018-19072
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file within that...
UBUNTU-CVE-2016-10119
Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges...
DEBIAN-CVE-2008-7251
libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors...
PT-2009-5888 · Unknown · Back In Time
Name of the Vulnerable Software and Affected Versions: Back In Time version 0.9.26 Description: The issue allows local users to obtain sensitive information or interfere with backup integrity. This is due to the common/snapshots.py file changing certain permissions to 0777 before deleting files i...