Lucene search
K

2838 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:2 a.m.3 views

SUSE CVE-2009-3557

The tempnam function in ext/standard/file.c in PHP before 5.2.12 and 5.3.x before 5.3.1 allows context-dependent attackers to bypass safemode restrictions, and create files in group-writable or world-writable directories, via the dir and prefix arguments...

5CVSS7.1AI score0.02096EPSS
Exploits2References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.4 views

SUSE CVE-2009-3889

The dbglvl file for the megaraidsas driver in the Linux kernel before 2.6.27 has world-writable permissions, which allows local users to change the 1 behavior and 2 logging level of the driver by modifying this file...

6.6CVSS6.3AI score0.00531EPSS
Exploits2References7
SUSE CVE
SUSE CVE
added 2023/02/15 6:1 a.m.2 views

SUSE CVE-2009-3939

The pollmodeio file for the megaraidsas driver in the Linux kernel 2.6.31.6 and earlier has world-writable permissions, which allows local users to change the I/O mode of the driver by modifying this file...

7.1CVSS6.2AI score0.00444EPSS
Exploits1References11
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.5 views

SUSE CVE-2010-0926

The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0rc3, when a writable share exists, allows remote authenticated users to leverage a directory traversal vulnerability, and access arbitrary files, by using the symlink command in smbclient to create...

3.5CVSS7.1AI score0.3053EPSS
Exploits6References8
SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.3 views

SUSE CVE-2010-2023

transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used, does not verify the stnlink field of mailbox files, which allows local users to cause a denial of service or possibly gain privileges by creating a hard link to another user's file...

4.4CVSS7AI score0.0028EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:54 a.m.4 views

SUSE CVE-2011-0988

pure-ftpd 1.0.22, as used in SUSE Linux Enterprise Server 10 SP3 and SP4, and Enterprise Desktop 10 SP3 and SP4, when running OES Netware extensions, creates a world-writeable directory, which allows local users to overwrite arbitrary files and gain privileges via unspecified vectors...

4.4CVSS7.1AI score0.00344EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.2 views

SUSE CVE-2011-1784

The pidfilewrite function in core/pidfile.c in keepalived 1.2.2 and earlier uses 0666 permissions for the 1 keepalived.pid, 2 checkers.pid, and 3 vrrp.pid files in /var/run/, which allows local users to kill arbitrary processes by writing a PID to one of these files...

3.6CVSS6.4AI score0.00367EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.3 views

SUSE CVE-2012-3386

The "make distcheck" rule in GNU Automake before 1.11.6 and 1.12.x before 1.12.2 grants world-writable permissions to the extraction directory, which introduces a race condition that allows local users to execute arbitrary code via unspecified vectors...

4.4CVSS7.5AI score0.00474EPSS
Exploits1References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.1 views

SUSE CVE-2012-3449

Open vSwitch 1.4.2 uses world writable permissions for 1 /var/lib/openvswitch/pki/controllerca/incoming/ and 2 /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files...

3.6CVSS6.8AI score0.00348EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:45 a.m.4 views

SUSE CVE-2012-3512

Munin before 2.0.6 stores plugin state files that run as root in the same group-writable directory as non-root plugins, which allows local users to execute arbitrary code by replacing a state file, as demonstrated using the smart plugin...

7.2CVSS7.5AI score0.0059EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:44 a.m.3 views

SUSE CVE-2012-4454

openCryptoki before 2.4.1, when using spinlocks, allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the 1 .pkapixpk or 2 .pkcs11spinloc file in /tmp...

2.9CVSS6.7AI score0.01029EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:44 a.m.3 views

SUSE CVE-2012-4455

openCryptoki 2.4.1 allows local users to create or set world-writable permissions on arbitrary files via a symlink attack on the 1 LCK..opencryptoki or 2 LCK..opencryptokistdll file in /var/lock/...

6.2CVSS6.7AI score0.00359EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:43 a.m.7 views

SUSE CVE-2012-5638

The setuplogging function in log.h in SANLock uses world-writable permissions for /var/log/sanlock.log, which allows local users to overwrite the file content or bypass intended disk-quota restrictions via standard filesystem write operations...

3.6CVSS8.7AI score0.00335EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:41 a.m.2 views

SUSE CVE-2013-0798

Mozilla Firefox before 20.0 on Android uses world-writable and world-readable permissions for the apptmp installation directory in the local filesystem, which allows attackers to modify add-ons before installation via an application that leverages the time window during which apptmp is used...

4.3CVSS6.5AI score0.00994EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:40 a.m.1 views

SUSE CVE-2013-1731

Untrusted search path vulnerability in the GL tracing functionality in Mozilla Firefox before 24.0 on Android allows attackers to execute arbitrary code via a Trojan horse .so file in a world-writable directory...

6.8CVSS7.6AI score0.01823EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:39 a.m.3 views

SUSE CVE-2013-1863

Samba 4.x before 4.0.4, when configured as an Active Directory domain controller, uses world-writable permissions on non-default CIFS shares, which allows remote authenticated users to read, modify, create, or delete arbitrary files via standard filesystem operations...

6CVSS7AI score0.02155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.3 views

SUSE CVE-2013-4451

gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating 1 /.gitolite.rc, 2 /.gitolite, or 3 /repositories/gitolite-admin.git on fresh installs...

9.8CVSS9.8AI score0.03079EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:34 a.m.3 views

SUSE CVE-2013-6412

The transformsave function in transform.c in Augeas 1.0.0 through 1.1.0 does not properly calculate the permission values when the umask contains a "7," which causes world-writable permissions to be used for new files and allows local users to modify the files via unspecified vectors...

4.6CVSS6.5AI score0.00368EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2023/02/15 5:33 a.m.2 views

SUSE CVE-2013-7048

OpenStack Compute Nova Grizzly 2013.1.4, Havana 2013.2.1, and earlier uses world-writable and world-readable permissions for the temporary directory used to store live snapshots, which allows local users to read and modify live snapshots...

3.3CVSS6.2AI score0.00475EPSS
Exploits2References3
SUSE CVE
SUSE CVE
added 2023/02/15 5:33 a.m.3 views

SUSE CVE-2013-7171

Slackware 14.0 and 14.1, and Slackware LLVM 3.0-i486-2 and 3.3-i486-2, contain world-writable permissions on the /tmp directory which could allow remote attackers to execute arbitrary code with root privileges...

10CVSS8.1AI score0.06344EPSS
Exploits0References3
Rows per page
Query Builder