EUVD-2025-12246

Malicious code in bioql PyPI...

CVE-2020-14004

An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script run as part of the icinga2 systemd service executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed and arbitrar...

PT-2024-42: Insufficient authorization in MediaCMS

The vulnerability was identified in MediaCMS, versions 4.1.0. The discovered vulnerability can be exploited by an authorized attacker to delete any directory in the file system knowing its absolute path, as well as substitute the contents of any user file. Vulnerability status: Confirmed by vendo...

CVE-2023-27133

TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILESX86%\TSplus-RemoteWork\Clients\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remot...

CVE-2000-0210

CVE-2000-0210 affects the lit program in Sun Flex License Manager (FlexLM). The vulnerability arises because lit follows symbolic links, allowing a local user to modify arbitrary files on the host. Root cause: improper handling of symlinks in the lit utility. Impact described in sources is local ...