GO-2025-3816 apko is vulnerable to attack through incorrect permissions in /etc/ld.so.cache and other files in chainguard.dev/apko

apko is vulnerable to attack through incorrect permissions in /etc/ld.so.cache and other files in chainguard.dev/apko...

apko is vulnerable to attack through incorrect permissions in /etc/ld.so.cache and other files

It was discovered that the ld.so.cache in images generated by apko had file system permissions mode 0666: bash-5.3 find / -type f -perm -o+w /etc/ld.so.cache This issue was introduced in commit 04f37e2 "generate /etc/ld.so.cache 1629"v0.27.0. Impact This potentially allows a local unprivileged us...

CVE-2025-27703 Privilege escalation in the management console of Absolute Secure Access prior to version 13.54

CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to a specific subset of privileged features in the console can elevate their permissions to access additional features in the...

mysql: race condition while setting stats during MyISAM table repair (CPU Oct 2016)

A race condition was found in the way MySQL performed MyISAM engine table repair. A database user with shell access to the server running mysqld could use this flaw to change permissions of arbitrary files writable by the mysql system user...

CVE-2013-1813

util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for parent directories when creating nested directories under /dev/, which allows local users to have unknown impact and attack vectors...

CVE-2009-1173

IBM WebSphere Application Server WAS 7.0 before 7.0.0.3 uses weak permissions 777 for files associated with unspecified "interim fixes," which allows attackers to modify files that would not have been accessible if the intended 755 permissions were used...