Lucene search
+L

67 matches found

cnnvd
cnnvd
added 2025/12/17 12:0 a.m.4 views

Anaconda3 安全漏洞

Anaconda3 is a distribution of the Python and R programming languages for scientific computing data science, machine learning applications, large-scale data processing, predictive analytics, etc. from the US-based Anaconda Inc. Dedicated to simplifying package management systems and deployment. A...

7.8CVSS6.5AI score0.00172EPSS
Exploits1References3
nvd
nvd
added 2025/12/16 11:15 p.m.4 views

CVE-2025-34288

Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a...

8.6CVSS0.01794EPSS
Exploits0References2
cve
cve
added 2025/12/16 10:17 p.m.17 views

CVE-2025-34288

Nagios XI versions prior to 2026R1.1 are affected by a local privilege-escalation flaw caused by an unsafe interaction between sudo permissions and application file permissions. A maintenance script, accessible to users, may run as root via sudo and includes an application file writable by a lowe...

8.6CVSS7.3AI score0.01794EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2025/10/16 6:15 p.m.7 views

CVE-2025-61909

Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...

4.4CVSS0.002EPSS
Exploits0References4
euvd
euvd
added 2025/10/07 12:30 a.m.7 views

EUVD-2000-0492

Malware in sbrugna...

7.2CVSS6.4AI score0.00941EPSS
Exploits1References4
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2013-6249

Malware in sbrugna...

7.2CVSS6.1AI score0.00498EPSS
Exploits1References7
euvd
euvd
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-12039

Malware in sbrugna...

8.4CVSS8.2AI score0.00565EPSS
Exploits1References5
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-2001-0040

Malware in sbrugna...

2.1CVSS6.3AI score0.00858EPSS
Exploits1References5
euvd
euvd
added 2025/10/07 12:30 a.m.6 views

EUVD-1999-0120

Malware in sbrugna...

7.2CVSS6.4AI score0.00408EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.10 views

EUVD-2001-1152

Malware in sbrugna...

7.2CVSS6.4AI score0.00345EPSS
Exploits0References2
euvd
euvd
added 2025/10/07 12:30 a.m.10 views

EUVD-2018-13311

Malware in sbrugna...

9.8CVSS9.5AI score0.01235EPSS
Exploits0References2
euvd
euvd
added 2025/10/03 8:7 p.m.5 views

EUVD-2021-29988

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00438EPSS
Exploits1References3
osv
osv
added 2025/08/29 11:51 a.m.1 views

SUSE-SU-2025:03022-1 Security update for git

This update for git fixes the following issues: - CVE-2025-27613: Fixed arbitrary writable file creation and truncation in Gitk bsc1245938 - CVE-2025-46835: Fixed arbitrary writable file creation when cloning untrusted repository in Git GUI bsc1245942 - CVE-2025-48384: Fixed arbitrary writable fi...

8.5CVSS7.1AI score0.02775EPSS
Exploits9References7
osv
osv
added 2025/08/07 9:31 p.m.7 views

GHSA-856V-8QM2-9WJV operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd

Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, usersetup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used...

5.2CVSS6.5AI score0.0022EPSS
Exploits0References29
osv
osv
added 2025/06/18 11:15 a.m.3 views

DEBIAN-CVE-2022-50217

In the Linux kernel, the following vulnerability has been resolved: fuse: write inode in fuserelease A race between write2 and close2 allows pages to be dirtied after fuseflush - writeinodenow. If these pages are not flushed from fuserelease, then there might not be a writable open file later. So...

5.5CVSS5.4AI score0.00186EPSS
Exploits0References1
redhatcve
redhatcve
added 2025/05/21 6:6 p.m.10 views

CVE-1999-0120

Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root...

7.2CVSS6.9AI score0.00408EPSS
Exploits0References1
cvelist
cvelist
added 2025/02/14 4:18 p.m.32 views

CVE-2024-3220 Default mimetype known files writeable on Windows

There is a defect in the CPython standard library module “mimetypes” where on Windows the default list of known file locations are writable meaning other users can create invalid files to cause MemoryError to be raised on Python runtime startup or have file extensions be interpreted as the...

2.3CVSS0.00498EPSS
Exploits0References1
osv
osv
added 2024/08/13 1:15 p.m.3 views

CVE-2024-3913

An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup...

5.9CVSS5.8AI score0.00507EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2024/08/13 12:0 a.m.6 views

PT-2024-28357 · Phoenix Contact · Charx Sec-3100

Name of the Vulnerable Software and Affected Versions: Phoenix Contact CHARX SEC-3100 affected versions not specified Description: An unauthenticated remote attacker can use this issue to change the device configuration due to a file being writeable for a short time after system startup...

5.9CVSS7.2AI score0.00507EPSS
Exploits0References10
nvd
nvd
added 2024/05/19 8:15 p.m.20 views

CVE-2024-36078

In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on the server to modify the gem's files, injecting arbitrary code into Zammad processes which run with the environment and permissions of the Zammad user...

6.7CVSS6.7AI score0.00202EPSS
Exploits0References1
Rows per page
Query Builder