Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2026/03/06 7:51 a.m.5 views

CVE-2026-29127

The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...

9.2CVSS5.8AI score0.00169EPSS
Exploits1References1
EUVD
EUVD
added 2026/03/05 3:31 a.m.4 views

EUVD-2026-9523

The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...

9.2CVSS6AI score0.00169EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/05 2:36 a.m.5 views

CVE-2026-29127 Incorrect Permission Assignment(777) on `monitor` Users Home Directory Containing SUID Root Binaries in IDC SFX2100

The IDC SFX2100 Satellite Receiver sets overly permissive file system permissions on the monitor user's home directory. The directory is configured with permissions 0777, granting read, write, and execute access to all local users on the system, which may cause local privilege escalation dependin...

9.2CVSS6AI score0.00169EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/05 12:0 a.m.8 views

PT-2026-23128

Name of the Vulnerable Software and Affected Versions IDC SFX2100 versions affected versions not specified Description The IDC SFX2100 Satellite Receiver has overly permissive file system permissions set on the monitor user's home directory. The directory is configured with permissions 0777,...

9.2CVSS5.8AI score0.00169EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2019-17383

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem...

9.8CVSS7.2AI score0.02287EPSS
Exploits0References2
RustSec
RustSec
added 2025/03/12 12:0 p.m.7 views

World Writable Directory in /var/log/below Allows Local Privilege Escalation

Below is a tool for recording and displaying system data like hardware utilization and cgroup information on Linux. Symlink Attack in /var/log/below/errorroot.log Below's systemd service runs with full root privileges. It attempts to create a world-writable directory in /var/log/below. Even if th...

6.8CVSS7.3AI score0.0036EPSS
Exploits22Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/11/17 4:15 a.m.3 views

CVE-2023-48648

Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions such as the Mkdir function gives universal access 0777 to created folders by default. Excessive permissions can be granted when creating...

9.8CVSS5.8AI score0.01233EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/05/29 12:0 a.m.4 views

PT-2023-4600 · Unknown +3 · Libarchive +3

Name of the Vulnerable Software and Affected Versions: Libarchive versions 3.6.2 and earlier Description: The issue is caused by a race condition with the umask call inside archive write disk posix.c, which can lead to a permanent umask 0 setting. This can result in implicit directory creation wi...

9.1CVSS5.8AI score0.87896EPSS
Exploits1References30
SUSE CVE
SUSE CVE
added 2023/02/15 6:5 a.m.4 views

SUSE CVE-2008-7251

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors...

10CVSS7AI score0.02662EPSS
Exploits1References4
Microsoft CVE
Microsoft CVE
added 2020/08/18 12:0 a.m.7 views

The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir NULL NULL) and files using g_file_replace_contents (kfsb->file contents length NULL FALSE G_FILE_CREATE_REPLACE_DESTINATION NULL NULL NULL). Consequently it does not properly restrict directory (and file) permissions. Instead for directories 0777 permissions are used; for files default file permissions are used. This is similar to CVE-2019-12450.

...

9.8CVSS6.5AI score0.03211EPSS
Exploits0
OSV
OSV
added 2019/10/09 4:15 p.m.3 views

UBUNTU-CVE-2019-17383

The netaddr gem before 2.0.4 for Ruby has misconfigured file permissions, such that a gem install may result in 0777 permissions in the target filesystem...

9.8CVSS7.3AI score0.02287EPSS
Exploits0References4
OSV
OSV
added 2019/06/28 3:15 p.m.2 views

DEBIAN-CVE-2019-13012

The keyfile settings backend in GNOME GLib aka glib2.0 before 2.60.0 creates directories using gfilemakedirectorywithparents kfsb-dir, NULL, NULL and files using gfilereplacecontents kfsb-file, contents, length, NULL, FALSE, GFILECREATEREPLACEDESTINATION, NULL, NULL, NULL. Consequently, it does n...

7.5CVSS6.3AI score0.03211EPSS
Exploits0References1
OSV
OSV
added 2018/11/07 6:29 p.m.6 views

CVE-2018-19072

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file within that...

5.5CVSS5.8AI score0.00347EPSS
Exploits1References1
OSV
OSV
added 2017/04/13 2:59 p.m.3 views

UBUNTU-CVE-2016-10119

Firejail uses 0777 permissions when mounting /tmp, which allows local users to gain privileges...

7.8CVSS7.1AI score0.00394EPSS
Exploits0References4
OSV
OSV
added 2010/01/19 4:30 p.m.1 views

DEBIAN-CVE-2008-7251

libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors...

10CVSS6.9AI score0.02662EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2009/10/26 12:0 a.m.5 views

PT-2009-5888 · Unknown · Back In Time

Name of the Vulnerable Software and Affected Versions: Back In Time version 0.9.26 Description: The issue allows local users to obtain sensitive information or interfere with backup integrity. This is due to the common/snapshots.py file changing certain permissions to 0777 before deleting files i...

7.1CVSS6.5AI score0.00302EPSS
Exploits0References12
Rows per page
Query Builder