
7 matches found

RedhatCVE
added 2025/12/17 9:27 a.m. | 2 views

CVE-2025-68146

A flaw was found in filelock. This vulnerability allows local attackers to corrupt or truncate arbitrary user files via a Time-of-Check-Time-of-Use (TOCTOU) race condition and symlink attacks. Mitigation: Ensure lock file directories used by applications employing filelock have restrictive...

CVSS 6.3 | AI score 6.2 | EPSS 0.00184
Exploits: 1 | References: 7

CVE
added 2025/12/16 6:10 p.m. | 23 views

CVE-2025-68146

CVE-2025-68146 affects the Python filelock package. A TOCTOU race in lock file creation allows local attackers with filesystem access to exploit symlinks and truncate target files. The vulnerability exists in UnixFileLock and WindowsFileLock for versions before 3.20.1; an attacker can create a sy...

CVSS 6.5 | AI score 5.8 | EPSS 0.00184
Exploits: 1 | References: 4 | Affected Software: 1

Vulnrichment
added 2025/01/28 9:31 p.m. | 7 views

CVE-2024-29869 Apache Hive: Credentials file created with non restrictive permissions

Hive creates a credentials file to a temporary directory in the file system with permissions 644 by default when the file permissions are not set explicitly. Any unauthorized user having access to the directory can read the sensitive information written into this file. Users are recommended to...

AI score 5.2 | EPSS 0.00265
Exploits: 0 | References: 4

Github Security Blog
added 2023/03/10 9:30 p.m. | 32 views

Incorrect Authorization in Jenkins Core

When triggering a build from the Jenkins CLI, Jenkins creates a temporary file on the controller if a file parameter is provided through the CLI’s standard input. Jenkins 2.393 and earlier, LTS 2.375.3 and earlier, and , and LTS prior to 2.387.1 creates this temporary file in the default temporar...

CVSS 4.4 | AI score 6 | EPSS 0.00244
Exploits: 0 | References: 5 | Affected Software: 1

UbuntuCve
added 2020/03/16 4:15 p.m. | 30 views

CVE-2020-1736

A flaw was found in Ansible Engine when a file is moved using atomic_move primitive as the file mode cannot be specified. This sets the destination files world-readable if the destination file does not exist and if the file exists, the file could be changed to have less restrictive permissions...

CVSS 3.3 | AI score 6.7 | EPSS 0.00401
Exploits: 1 | References: 2

Veracode
added 2019/08/08 12:7 a.m. | 20 views

Improper Access Restriction

sssd is vulnerable to improper access restriction. The vulnerability exists because it does not implement Group Policy Objects, resulting in too restrictive permissions. Therefore sssd allows authenticated users to login instead of denying access...

CVSS 5.4 | AI score 5.3 | EPSS 0.01122
Exploits: 0 | References: 32 | Affected Software: 6

UbuntuCve
added 2007/05/11 10:19 a.m. | 18 views

CVE-2007-2606

Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\ConfigFile.cpp or (2) msgs\checkmsgs.epp. NOTE: if ConfigFile.cpp reads a configuration file with restrictive permissions, then t...

CVSS 7.8 | AI score 5.8 | EPSS 0.01788
Exploits: 0 | References: 1