CVE-2022-31072

Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is...

EUVD-2000-0710

Malware in sbrugna...

EUVD-2001-1237

Malware in sbrugna...

EUVD-2013-4249

Malware in sbrugna...

EUVD-2022-5885

Malicious code in bioql PyPI...

EUVD-2022-6044

Malicious code in bioql PyPI...

SUSE CVE-2025-27613

Gitk is a Tcl/Tk based Git history browser. Starting with 1.7.0, when a user clones an untrusted repository and runs gitk without additional command arguments, files for which the user has write permission can be created and truncated. The option Support per-file encoding must have been enabled...

CVE-2022-31072

Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is...

CVE-2022-31071

Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not t...

CVE-2022-31071 Octopoller gem published with world-writable files

Octopoller is a micro gem for polling and retrying. Version 0.2.0 of the octopoller gem was published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is not t...

CVE-2022-31072

The CVE affects the Ruby Octokit gem; versions 4.23.0 and 4.24.0 ship world-writable files (permissions 0666) instead of 0644, enabling modification by non-owners in affected environments. The root cause is improper packaging of files during these releases. A fix is available in Octokit 4.25.0. W...

CVE-2022-31072 Octokit gem published with world-writable files

Octokit is a Ruby toolkit for the GitHub API. Versions 4.23.0 and 4.24.0 of the octokit gem were published containing world-writeable files. Specifically, the gem was packed with files having their permissions set to -rw-rw-rw- i.e. 0666 instead of rw-r--r-- i.e. 0644. This means everyone who is...

CVE-2019-19522

OpenBSD 6.6, in a non-default configuration where S/Key or YubiKey authentication is enabled, allows local users to become root by leveraging membership in the auth group. This occurs because root's file can be written to /etc/skey or /var/db/yubikey, and need not be owned by root...

Code injection

ovirt-engine 3.2 running on Linux kernel 3.1 and newer creates certain files world-writeable due to an upstream kernel change which impacted how python's os.chmod works when passed a mode of '-1'...

CVE-2013-4367

CVE-2013-4367 affects ovirt-engine 3.2 running on Linux kernel 3.1 and newer, where upstream kernel behavior change with os.chmod(-1) causes certain files to become world-writable. This is a local attacker issue with potential exposure of sensitive data, as reflected by CVSS metrics (NVD CVSSv3.1...

0xsp Mongoose v1.7 - Linux/Windows Privilege Escalation intelligent Enumeration Toolkit

Using 0xsp mongoose you will be able to scan targeted operating system for any possible way for privilege escalation attacks, starting from collecting information stage until reporting information through 0xsp Web Application API. user will be able to scan different Linux / windows Operation...

0xsp-Mongoose - Privilege Escalation Enumeration Toolkit (ELF 64/32), Fast, Intelligent Enumeration With Web API Integration

Using 0xsp mongoose you will be able to scan a targeted operating system for any possible way for privilege escalation attacks, starting from collecting information stage until reporting information through 0xsp Web Application API. user will be able to scan different Linux os system at the same...

World-writeable files may be created in additional shares on a

Description Administrators of the Samba 4.0 Active Directory Domain Controller might unexpectedly find files created world-writeable if additional CIFS file shares are created on the AD DC. By default the AD DC is not vulnerable to this issue, as a specific inheritable ACL is set on the files in...

Nmap NSE net: ftp-anon

Checks if an FTP server allows anonymous logins. If anonymous is allowed, gets a directory listing of the root directory and highlights writeable files. SYNTAX: ftp-anon.maxlist: The maximum number of files to return in the directory listing. By default it is 20, or unlimited if verbosity is...

ftp-anon NSE Script

Checks if an FTP server allows anonymous logins. If anonymous is allowed, gets a directory listing of the root directory and highlights writeable files. See also: ftp-brute.nse Script Arguments ftp-anon.maxlist The maximum number of files to return in the directory listing. By default it is 20, o...