CVE-2026-4982

CVE-2026-4982 affects Venueless where a user with the privilege “update world” can exfiltrate chat messages from direct messages or channels in other worlds on the same server due to a bug in the reporting feature. The vulnerability arises from the reporting component allowing cross-world access ...

venueless 安全漏洞

Venueless is an open-source online activity platform developed by Venueless. There are security vulnerabilities in Venueless; these vulnerabilities stem from defects in the reporting feature, which may allow users with update world permissions to disclose chat messages from other worlds on the sa...

Code injection

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code...

CVE-2020-15708

CVE-2020-15708 affects libvirt packaging in Ubuntu 20.04 LTS, where a control socket was created with world read/write permissions. This could allow an attacker to overwrite arbitrary files or execute arbitrary code locally. Ubuntu’s advisory USN-4452-1 addresses this by likely restricting the so...

CVE-2020-15708

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code...

CVE-2020-15708

Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code...

PT-2005-2892 · Silvercity · Silvercity

Name of the Vulnerable Software and Affected Versions: SilverCity versions prior to 0.9.5-r1 Description: The issue allows local users to execute arbitrary code due to the installation of certain files with read and write world permissions. The affected files include cgi-styler-form.py,...