
32 matches found

CVE
added 3 days ago · 9 views

CVE-2026-24755

Kiteworks Secure Data Forms (prior to v9.3.0) contains an Insecure Direct Object Reference (IDOR) vulnerability that allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource ownership. A patch is available in Kit...

CVSS 5.4 · AI score 5.8 · EPSS 0.00021
Exploits 0 · References 1 · Affected Software 1

Ubuntu
added 2026/04/13 12:35 p.m. · 2 views

USN-8168-1: Rust vulnerability

It was discovered that tar-rs embedded in rustc incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside the...

CVSS 6.5 · AI score 6 · EPSS 0.00019
Exploits 1

OSV
added 2026/04/01 1:35 p.m. · 0 views

USN-8138-1 rust-tar vulnerability

It was discovered that tar-rs incorrectly handled symlinks when unpacking a tar archive. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to modify permissions of arbitrary directories outside the extraction root, a...

CVSS 6.5 · AI score 6 · EPSS 0.00019
Exploits 1 · References 2

NVD
added 2026/03/20 8:16 a.m. · 1 views

CVE-2026-33056

tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpackdir function uses fs::metadata to check whether a path that already exists is a directory. Because fs::metadata follows symbolic links, a crafted tarball...

CVSS 6.5 · EPSS 0.00019
Exploits 1 · References 2

OSV
added 2026/03/20 8:16 a.m. · 2 views

ALPINE-CVE-2026-33056

tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpackdir function uses fs::metadata to check whether a path that already exists is a directory. Because fs::metadata follows symbolic links, a crafted tarball...

CVSS 6.5 · AI score 5.8 · EPSS 0.00019
Exploits 1 · References 1

EUVD
added 2025/10/07 12:30 a.m. · 3 views

EUVD-2009-0804

Malware in sbrugna...

CVSS 6.5 · AI score 9.4 · EPSS 0.00335
Exploits 0 · References 4

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2013-5561

Malware in sbrugna...

CVSS 2.1 · AI score 6.1 · EPSS 0.0004
Exploits 0 · References 5

EUVD
added 2025/10/07 12:30 a.m. · 4 views

EUVD-2008-2820

Malware in sbrugna...

CVSS 4.6 · AI score 8.9 · EPSS 0.00101
Exploits 2 · References 13

CVE
added 2025/06/03 4:42 p.m. · 175 views

CVE-2025-30167

Jupyter Core on Windows (CVE-2025-30167) before 5.8.0 searches the shared %PROGRAMDATA% for configuration files (SYSTEM_CONFIG_PATH and SYSTEM_JUPYTER_PATH), which may let an attacker place files affecting other users. Affected: Jupyter Core components on Windows in multi-user, unprotected %PROGR...

CVSS 7.3 · AI score 6.8 · EPSS 0.00062
Exploits 0 · References 2 · Affected Software 1

RedhatCVE
added 2025/05/23 12:28 a.m. · 5 views

CVE-2022-48226

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation...

CVSS 8.4 · AI score 7.3 · EPSS 0.00048
Exploits 0

RedhatCVE
added 2025/05/21 9:49 p.m. · 6 views

CVE-2009-0806

Unspecified vulnerability in OpenGoo before 1.2.1 allows remote authenticated users to modify their own permissions via unknown attack vectors...

CVSS 6.5 · AI score 6.7 · EPSS 0.00335
Exploits 0 · References 1

Positive Technologies
added 2025/02/13 12:0 a.m. · 1 views

PT-2025-23640

Name of the Vulnerable Software and Affected Versions: Jupyter Core versions prior to 5.8.0 Description: The issue affects Jupyter Core on Windows, where the shared %PROGRAMDATA% directory is searched for configuration files, potentially allowing users to create files that impact other users. This ...

CVSS 7.3 · AI score 5.3 · EPSS 0.00062
Exploits 0 · References 21

Positive Technologies
added 2024/11/25 12:0 a.m. · 1 views

PT-2024-38682 · Unknown · Sensei Mac Cleaner

Name of the Vulnerable Software and Affected Versions: Sensei Mac Cleaner affected versions not specified Description: The issue allows an attacker to perform multiple operations as the root user, including arbitrary file deletion and writing, loading and unloading daemons, manipulating file...

CVSS 7.8 · AI score 7 · EPSS 0.00026
Exploits 0 · References 4

Qualys Blog
added 2024/03/12 8:45 p.m. · 31 views

Top MITRE ATT&CK Tactics and Techniques Leveraged in 2023

The Qualys Threat Research Unit has mapped vulnerabilities and misconfigurations to the MITRE ATT&CK framework tactics and techniques to help you get the attacker’s view. They have also analyzed vulnerabilities and misconfigurations across all our customers to find the top tactics and techniques...

AI score 9.8
Exploits 0

OSV
added 2023/05/01 3:30 p.m. · 20 views

GHSA-PJFJ-QVQW-3F6V Apache StreamPark LDAP Injection vulnerability

Apache StreamPark versions 1.0.0 to 2.0.0 have an LDAP injection vulnerability. LDAP Injection is an attack used to exploit web based applications that construct LDAP statements based on user input. When an application fails to properly sanitize user input, it's possible to modify LDAP statements...

CVSS 5.4 · AI score 6 · EPSS 0.01379
Exploits 0 · References 3

Vulnrichment
added 2023/04/04 12:0 a.m. · 6 views

CVE-2022-48226

An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets executed out of C:\Windows\Temp. A standard user can create the path file ahead of time and obtain elevated code execution. Permissions need to be modified to prevent manipulation...

AI score 7.5 · EPSS 0.00048
Exploits 0 · References 2

Positive Technologies
added 2022/10/20 12:0 a.m. · 2 views

PT-2022-26305 · Unknown · Simple Exam Reviewer Management System

Name of the Vulnerable Software and Affected Versions: Simple Exam Reviewer Management System version 1.0 Description: The issue concerns improper access control in the User List function, allowing low-privileged users to modify user permissions to higher privileges. Recommendations: For Simple...

CVSS 6.5 · AI score 6.4 · EPSS 0.00131
Exploits 1 · References 5

NVD
added 2022/01/27 1:15 p.m. · 7 views

CVE-2021-44795

Single Connect does not perform an authorization check when using the "sc-assigned-credential-ui" module. A remote attacker could exploit this vulnerability to modify users' permissions. The exploitation of this vulnerability might allow a remote attacker to delete permissions from other users...

CVSS 7.5 · EPSS 0.00132
Exploits 0 · References 2

Veracode
added 2021/07/05 5:31 a.m. · 12 views

Privilege Escalation

cygwin is vulnerable to privilege escalation. Insecure handling of permissions modification when changing users allows an attacker to obtain additional privileges...

CVSS 9.8 · AI score 5 · EPSS 0.0059
Exploits 0 · References 7 · Affected Software 1

OSV
added 2021/02/02 6:15 p.m. · 36 views

CVE-2019-25018

In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT...

CVSS 7.5 · AI score 7
Exploits 0 · References 1