CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

330 matches found

OSV•added 2026/05/18 9:31 p.m.•7 views

GHSA-F2M9-WCF4-CWWX MLFlow Creates a Temporary File With Insecure Permissions

In mlflow/mlflow versions prior to 3.11.0, the getorcreatenfstmpdir function in mlflow/utils/fileutils.py creates temporary directories with world-writable permissions 0o777, and the createmodeldownloadingtmpdir function in mlflow/pyfunc/init.py creates directories with group-writable permissions...

7CVSS6.3AI score0.00193EPSS

Exploits1References5

NVD•added 2026/03/16 2:17 p.m.•4 views

CVE-2016-20024

ZKTeco ZKTime.Net 3.0.1.6 contains an insecure file permissions vulnerability that allows unprivileged users to escalate privileges by modifying executable files. Attackers can exploit world-writable permissions on the ZKTimeNet3.0 directory and its contents to replace executable files with...

9.8CVSS0.00735EPSS

Exploits1References6

ATTACKERKB•added 2026/03/15 1:35 p.m.•3 views

CVE-2016-20024

5.8AI score0.00735EPSS

Exploits1References5Affected Software1

NVD•added 2026/03/13 7:53 p.m.•3 views

CVE-2025-8766

A container privilege escalation flaw was found in certain Multi-Cloud Object Gateway Core images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container,...

6.4CVSS0.0028EPSS

Exploits0References2

Vulnrichment•added 2026/03/13 2:48 a.m.•3 views

CVE-2025-8766 Noobaa-core: excessive permissions of /etc could lead to escalation of privilege in the noobaa-core container

6.4CVSS6AI score0.0028EPSS

Exploits0References2

OSV•added 2025/12/18 3:18 p.m.•4 views

CVE-2025-64724 Arduino IDE for macOS has Insecure File Permissions

Arduino IDE is an integrated development environment. Prior to version 2.3.7, Arduino IDE for macOS is installed with world-writable file permissions on sensitive application components, allowing any local user to replace legitimate files with malicious code. When another user launches the...

4.8CVSS6.8AI score0.00104EPSS

Exploits0References6