Lucene search
K

1418 matches found

Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.4 views

MiracleLinux 9 : dotnet7.0-7.0.100-0.5.rc2.el9.ML.1 (AXSA:2023-5051:06)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-5051:06 advisory. dotnet: Nuget cache poisoning on Linux via world-writable cache directory CVE-2022-41032 Tenable has extracted the preceding description block directly from...

7.8CVSS7.5AI score0.01057EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/19 12:0 a.m.4 views

MiracleLinux 4 : RDMA stack (AXSA:2013-371:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2013-371:01 advisory. - ibacm before 1.0.6 does not properly manage reference counts for multicast connections, which allows remote attackers to cause a denial of service...

5CVSS5.6AI score0.02821EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

MiracleLinux 4 : automake-1.11.1-4.AXS4 (AXSA:2013-199:01)

The remote MiracleLinux 4 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2013-199:01 advisory. Automake is a tool for automatically generating Makefile.in' files compliant with the GNU Coding Standards. You should install Automake if you are developing...

4.4CVSS8.3AI score0.00474EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/16 12:0 a.m.2 views

MiracleLinux 3 : automake-1.9.6-3.AXS3 (AXSA:2014-541:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2014-541:01 advisory. Description : Automake is a tool for automatically generating Makefile.in' files compliant with the GNU Coding Standards. You should install Automake if you a...

4.4CVSS8.3AI score0.00474EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/01/15 8:14 p.m.41 views

CVE-2025-59961 Junos OS and Junos OS Evolved: Unix socket used to control the jdhcpd process is world-writable

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

6.8CVSS0.00117EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/01/15 8:14 p.m.4 views

CVE-2025-59961 Junos OS and Junos OS Evolved: Unix socket used to control the jdhcpd process is world-writable

An Incorrect Permission Assignment for Critical Resource vulnerability in the Juniper DHCP daemon jdhcpd of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged user to write to the Unix socket used to manage the jdhcpd process, resulting in complete control over the...

6.8CVSS6.5AI score0.00117EPSS
Exploits0References2
CVE
CVE
added 2026/01/15 8:14 p.m.14 views

CVE-2025-59961

CVE-2025-59961 describes an Incorrect Permission Assignment vulnerability in Juniper’s DHCP daemon (jdhcpd) used by Junos OS and Junos OS Evolved. A local, low-privilege user can write to the Unix socket that manages jdhcpd, enabling administrative control over the DHCP service. Affected products...

6.8CVSS6.5AI score0.00117EPSS
Exploits0References2Affected Software2
Tenable Nessus
Tenable Nessus
added 2026/01/14 12:0 a.m.5 views

MiracleLinux 3 : device-mapper-multipath-0.4.7-23.2.1AXS3 (AXSA:2009-47:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2009-47:01 advisory. device-mapper-multipath provides tools to manage multipath devices by instructing the device-mapper multipath kernel module what to do. Fixed bugs: CVE-2009-01...

7.8CVSS7.5AI score0.00494EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:11 p.m.10 views

CVE-2018-18654

Crossroads 2.81 does not properly handle the /tmp directory during a build of xr. A local attacker can first create a world-writable subdirectory in a certain location under the /tmp directory, wait until a user process copies xr there, and then replace the entire contents of this subdirectory to...

7.8CVSS6.5AI score0.00306EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:58 a.m.6 views

CVE-2025-67091

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...

6.5CVSS7.1AI score0.02981EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:57 a.m.4 views

CVE-2022-38170

In Apache Airflow prior to 2.3.4, an insecure umask was configured for numerous Airflow components when running with the --daemon flag which could result in a race condition giving world-writable files in the Airflow home directory and allowing local users to expose arbitrary file contents via th...

4.7CVSS6.6AI score0.00593EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.7 views

CVE-2022-26526

Anaconda Anaconda3 Anaconda Distribution through 2021.11.0.0 and Miniconda3 through 4.11.0.0 can create a world-writable directory under %PROGRAMDATA% and place that directory into the system PATH environment variable. Thus, for example, local users can gain privileges by placing a Trojan horse...

7.8CVSS6.9AI score0.00338EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:18 a.m.5 views

CVE-2019-18192

GNU Guix 1.0.1 allows local users to gain access to an arbitrary user's account because the parent directory of the user-profile directories is world writable, a similar issue to CVE-2019-17365...

7.8CVSS6.9AI score0.00433EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:17 a.m.6 views

CVE-2019-18409

The rubyparser-legacy aka legacy gem 1.0.0 for Ruby allows local privilege escalation because of world-writable files. For example, if the brakeman gem which has a legacy dependency 4.5.0 through 4.7.0 is used, a local user can insert malicious code into the...

7.8CVSS7.2AI score0.00332EPSS
Exploits1References1
NVD
NVD
added 2026/01/08 4:15 p.m.9 views

CVE-2025-67091

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...

6.5CVSS0.02981EPSS
Exploits1References3
OSV
OSV
added 2026/01/08 4:15 p.m.6 views

CVE-2025-67091

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...

6.5CVSS5.9AI score0.02981EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2026/01/08 12:0 a.m.3 views

CVE-2025-67091

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...

6.7AI score0.02981EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/08 12:0 a.m.30 views

CVE-2025-67091

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API cal...

0.02981EPSS
Exploits1References3
CVE
CVE
added 2026/01/08 12:0 a.m.9 views

CVE-2025-67091

CVE-2025-67091 affects GL.iNet AX1800 firmware versions 4.6.4 and 4.6.8 . The issue lies in the GL.iNet custom opkg wrapper script at /usr/libexec/opkg-call , which runs with root privileges when triggered via the LuCI web interface or authenticated API calls to manage packages. Vulnerable code u...

6.5CVSS6.7AI score0.02981EPSS
Exploits1References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:10 a.m.13 views

CVE-2019-16784

In PyInstaller before version 3.6, only on Windows, a local privilege escalation vulnerability is present in this particular case: If a software using PyInstaller in "onefile" mode is launched by a privileged user at least more than the current one which have his "TempPath" resolving to a world...

7.8CVSS6.8AI score0.00689EPSS
Exploits1References1
Rows per page
Query Builder