67 matches found
Anaconda3 安全漏洞
Anaconda3 is a distribution of the Python and R programming languages for scientific computing data science, machine learning applications, large-scale data processing, predictive analytics, etc. from the US-based Anaconda Inc. Dedicated to simplifying package management systems and deployment. A...
CVE-2025-34288
Nagios XI versions prior to 2026R1.1 are vulnerable to local privilege escalation due to an unsafe interaction between sudo permissions and application file permissions. A user‑accessible maintenance script may be executed as root via sudo and includes an application file that is writable by a...
CVE-2025-34288
Nagios XI versions prior to 2026R1.1 are affected by a local privilege-escalation flaw caused by an unsafe interaction between sudo permissions and application file permissions. A maintenance script, accessible to users, may run as root via sudo and includes an application file writable by a lowe...
CVE-2025-61909
Icinga 2 is an open source monitoring system. From 2.10.0 to before 2.15.1, 2.14.7, and 2.13.13, the safe-reload script also used during systemctl reload icinga2 and logrotate configuration shipped with Icinga 2 read the PID of the main Icinga 2 process from a PID file writable by the daemon user...
EUVD-2000-0492
Malware in sbrugna...
EUVD-2013-6249
Malware in sbrugna...
EUVD-2018-12039
Malware in sbrugna...
EUVD-2001-0040
Malware in sbrugna...
EUVD-1999-0120
Malware in sbrugna...
EUVD-2001-1152
Malware in sbrugna...
EUVD-2018-13311
Malware in sbrugna...
EUVD-2021-29988
Malicious code in bioql PyPI...
SUSE-SU-2025:03022-1 Security update for git
This update for git fixes the following issues: - CVE-2025-27613: Fixed arbitrary writable file creation and truncation in Gitk bsc1245938 - CVE-2025-46835: Fixed arbitrary writable file creation when cloning untrusted repository in Git GUI bsc1245942 - CVE-2025-48384: Fixed arbitrary writable fi...
GHSA-856V-8QM2-9WJV operator-sdk: privilege escalation due to incorrect permissions of /etc/passwd
Early versions of Operator-SDK provided an insecure method to allow operator containers to run in environments that used a random UID. Operator-SDK before 0.15.2 provided a script, usersetup, which modifies the permissions of the /etc/passwd file to 664 during build time. Developers who used...
DEBIAN-CVE-2022-50217
In the Linux kernel, the following vulnerability has been resolved: fuse: write inode in fuserelease A race between write2 and close2 allows pages to be dirtied after fuseflush - writeinodenow. If these pages are not flushed from fuserelease, then there might not be a writable open file later. So...
CVE-1999-0120
Sun/Solaris utmp file allows local users to gain root access if it is writable by users other than root...
CVE-2024-3220 Default mimetype known files writeable on Windows
There is a defect in the CPython standard library module “mimetypes” where on Windows the default list of known file locations are writable meaning other users can create invalid files to cause MemoryError to be raised on Python runtime startup or have file extensions be interpreted as the...
CVE-2024-3913
An unauthenticated remote attacker can use this vulnerability to change the device configuration due to a file writeable for short time after system startup...
PT-2024-28357 · Phoenix Contact · Charx Sec-3100
Name of the Vulnerable Software and Affected Versions: Phoenix Contact CHARX SEC-3100 affected versions not specified Description: An unauthenticated remote attacker can use this issue to change the device configuration due to a file being writeable for a short time after system startup...
CVE-2024-36078
In Zammad before 6.3.1, a Ruby gem bundled by Zammad is installed with world-writable file permissions. This allowed a local attacker on the server to modify the gem's files, injecting arbitrary code into Zammad processes which run with the environment and permissions of the Zammad user...