Search Results (1766 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2016-4982 1 Teether 1 Authd 2025-04-20 N/A
authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it.
CVE-2017-1000022 1 Logicaldoc 1 Logicaldoc 2025-04-20 N/A
LogicalDoc Community Edition 7.5.3 and prior contain an Incorrect access control which could leave to privilege escalation.
CVE-2017-0884 1 Nextcloud 1 Nextcloud Server 2025-04-20 4.3 Medium
Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. Due to a logical error in the file caching layer an authenticated adversary is able to create empty folders inside a shared folder. Note that this only affects folders and files that the adversary has at least read-only permissions for.
CVE-2017-9479 1 Cisco 2 Dpc3939, Dpc3939 Firmware 2025-04-20 N/A
The Comcast firmware on Cisco DPC3939 (firmware version dpc3939-P20-18-v303r20421746-170221a-CMCST) devices allows remote attackers to execute arbitrary commands as root by leveraging local network access and connecting to the syseventd server, as demonstrated by copying configuration data into a readable filesystem.
CVE-2017-0784 1 Google 1 Android 2025-04-20 N/A
A elevation of privilege vulnerability in the Android system (nfc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37287958.
CVE-2017-1000125 1 Codiad 1 Codiad 2025-04-20 N/A
Codiad(full version) is vulnerable to write anything to configure file in the installation resulting upload a webshell.
CVE-2017-7560 1 Redhat 1 Rhnsd 2025-04-20 N/A
It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes.
CVE-2017-7307 1 Riverbed 1 Rios 2025-04-20 N/A
Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file.
CVE-2017-9079 2 Debian, Dropbear Ssh Project 2 Debian Linux, Dropbear Ssh 2025-04-20 N/A
Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed.
CVE-2017-6104 1 Zen Mobile App Native Project 1 Zen Mobile App Native 2025-04-20 N/A
Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0.
CVE-2017-15611 1 Octopus 1 Octopus Deploy 2025-04-20 N/A
In Octopus before 3.17.7, an authenticated user who was explicitly granted the permission to invite new users (aka UserInvite) can invite users to teams with escalated privileges.
CVE-2017-17568 1 Scubez 1 Posty Readymade Classifieds 2025-04-20 N/A
Scubez Posty Readymade Classifieds has Incorrect Access Control for visiting admin/user_activate_submit.php (aka the backend PHP script), which might allow remote attackers to obtain sensitive information via a direct request.
CVE-2017-16882 1 Icinga 1 Icinga 2025-04-20 N/A
Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account (and similarly can have etc/icinga.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account, a related issue to CVE-2017-14312. This also affects bin/icingastats, bin/ido2db, and bin/log2ido.
CVE-2016-3107 2 Pulpproject, Redhat 3 Pulp, Satellite, Satellite Capsule 2025-04-20 N/A
The Node certificate in Pulp before 2.8.3 contains the private key, and is stored in a world-readable file in the "/etc/pki/pulp/nodes/" directory, which allows local users to gain access to sensitive data.
CVE-2017-9615 1 Cognito 1 Moneyworks 2025-04-20 N/A
Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain administrator access to all data, because verbose logging writes the administrator password to a world-readable file.
CVE-2016-4984 2 Openldap, Redhat 2 Openldap-servers, Enterprise Linux 2025-04-20 N/A
/usr/libexec/openldap/generate-server-cert.sh in openldap-servers sets weak permissions for the TLS certificate, which allows local users to obtain the TLS certificate by leveraging a race condition between the creation of the certificate, and the chmod to protect it.
CVE-2017-6950 1 Sap 1 Gui For Windows 2025-04-20 N/A
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616.
CVE-2016-3112 2 Pulpproject, Redhat 3 Pulp, Satellite, Satellite Capsule 2025-04-20 N/A
client/consumer/cli.py in Pulp before 2.8.3 writes consumer private keys to etc/pki/pulp/consumer/consumer-cert.pem as world-readable, which allows remote authenticated users to obtain the consumer private keys and escalate privileges by reading /etc/pki/pulp/consumer/consumer-cert, and authenticating as a consumer user.
CVE-2017-9780 2 Debian, Flatpak 2 Debian Linux, Flatpak 2025-04-20 N/A
In Flatpak before 0.8.7, a third-party app repository could include malicious apps that contain files with inappropriate permissions, for example setuid or world-writable. The files are deployed with those permissions, which would let a local attacker run the setuid executable or write to the world-writable location. In the case of the "system helper" component, files deployed as part of the app are owned by root, so in the worst case they could be setuid root.
CVE-2017-7850 1 Tenable 1 Nessus 2025-04-20 N/A
Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local privilege escalation issue due to insecure permissions when running in Agent Mode.