Total
1587 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-68462 | 2025-12-18 | N/A | 3.2 LOW | ||
|
Freedombox before 25.17.1 does not set proper permissions for the backups-data directory, allowing the reading of dump files of databases.
|
|||||
| CVE-2025-43470 | 1 Apple | 1 Macos | 2025-12-16 | N/A | 5.5 MEDIUM |
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Tahoe 26.1. A standard user may be able to view files made from a disk image belonging to an administrator.
|
|||||
| CVE-2025-43759 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2025-12-16 | N/A | 2.7 LOW |
|
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.0 through 2024.Q3.13, 2024.Q2.0 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.14 and 7.4 GA through update 92 allows admin users of a virtual instance to add pages that are not in the default/main virtual instance, then any tenant can create a list of all other tenants.
|
|||||
| CVE-2024-45657 | 1 Ibm | 2 Security Verify Access, Security Verify Access Docker | 2025-12-15 | N/A | 5.0 MEDIUM |
|
IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 could allow a local privileged user to perform unauthorized actions due to incorrect permissions assignment.
|
|||||
| CVE-2025-0164 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2025-12-15 | N/A | 2.3 LOW |
|
IBM QRadar SIEM 7.5 through 7.5 Update Pack 13 Independent Fix 01 could allow a local privileged user to perform unauthorized actions on configuration files due to improper permission assignment.
|
|||||
| CVE-2025-43808 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2025-12-15 | N/A | 5.3 MEDIUM |
|
The Commerce component in Liferay Portal 7.3.0 through 7.4.3.112, and Liferay DXP 2023.Q4.0 through 2023.Q4.8, 2023.Q3.1 through 2023.Q3.10, 7.4 GA through update 92, and 7.3 service pack 3 through update 35 saves virtual products uploaded to Documents and Media with guest view permission, which allows remote attackers to access and download virtual products for free via a crafted URL.
|
|||||
| CVE-2025-62251 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2025-12-12 | N/A | 6.5 MEDIUM |
|
Liferay Portal 7.3.0 through 7.4.3.119, and Liferay DXP 2023.Q3.1 through 2023.Q3.8, 2023.Q4.0 through 2023.Q4.5, 7.4 GA through update 92 and 7.3 GA though update 36 shows content to users who do not have permission to view it via the Menu Display Widget. This security flaw could result in sensitive information being exposed to unauthorized users.
|
|||||
| CVE-2025-40818 | 1 Siemens | 1 Sinema Remote Connect Server | 2025-12-10 | N/A | 3.3 LOW |
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP4). Affected applications contain private SSL/TLS keys on the server that are not properly protected allowing any user with server access to read these keys. This could allow an authenticated attacker to impersonate the server potentially enabling man-in-the-middle, traffic decryption or unauthorized access to services that trust these certificates.
|
|||||
| CVE-2023-31238 | 1 Siemens | 2 Q200, Q200 Firmware | 2025-12-09 | N/A | 5.5 MEDIUM |
|
A vulnerability has been identified in SICAM P850 (7KG8500-0AA00-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA00-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA10-2AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA30-0AA0) (All versions < V3.11), SICAM P850 (7KG8500-0AA30-2AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA01-0AA0) (All versions < V3.11), SICAM P850 (7KG8501-0AA01-2AA0) (All versions < V3.11), SICAM P850 (7 ...
Show More |
|||||
| CVE-2025-20386 | 2 Microsoft, Splunk | 2 Windows, Splunk | 2025-12-05 | N/A | 8.0 HIGH |
|
In Splunk Enterprise for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Splunk Enterprise for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.
|
|||||
| CVE-2025-20387 | 1 Splunk | 1 Splunk | 2025-12-05 | N/A | 8.0 HIGH |
|
In Splunk Universal Forwarder for Windows versions below 10.0.2, 9.4.6, 9.3.8, and 9.2.10, a new installation of or an upgrade to an affected version can result in incorrect permissions assignment in the Universal Forwarder for Windows Installation directory. This lets non-administrator users on the machine access the directory and all its contents.
|
|||||
| CVE-2025-34323 | 1 Nagios | 1 Log Server | 2025-11-26 | N/A | 7.8 HIGH |
|
Nagios Log Server versions prior to 2026R1.0.1 are vulnerable to local privilege escalation due to a combination of sudo misconfiguration and group-writable application directories. The 'www-data' user is a member of the 'nagios' group, which has write access to '/usr/local/nagioslogserver/scripts', while several scripts in this directory are owned by root and may be executed via sudo without a password. A local attacker running as 'www-data' can move one of these root-owned scripts to a backup ...
Show More |
|||||
| CVE-2025-59373 | 2025-11-25 | N/A | N/A | ||
|
A local privilege escalation vulnerability exists in
the restore mechanism of
ASUS System Control Interface. It can be triggered when an unprivileged actor copies files without proper validation into protected system paths, potentially leading to arbitrary files being executed as SYSTEM.
For more information, please refer to section Security Update for MyAsus in the ASUS Security Advisory.
|
|||||
| CVE-2017-5456 | 2 Mozilla, Redhat | 7 Firefox, Enterprise Linux, Enterprise Linux Desktop and 4 more | 2025-11-25 | 7.5 HIGH | 9.8 CRITICAL |
|
A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53.
|
|||||
| CVE-2025-64324 | 1 Kubevirt | 1 Kubevirt | 2025-11-25 | N/A | 7.7 HIGH |
|
KubeVirt is a virtual machine management add-on for Kubernetes. The `hostDisk` feature in KubeVirt allows mounting a host file or directory owned by the user with UID 107 into a VM. However, prior to version 1.6.1 and 1.7.0, the implementation of this feature and more specifically the `DiskOrCreate` option (which creates a file if it doesn't exist) has a logic bug that allows an attacker to read and write arbitrary files owned by more privileged users on the host system. Versions 1.6.1 and 1.7.0 ...
Show More |
|||||
| CVE-2025-8108 | 1 Axis | 233 A1210 \(-b\), A1214, A1601 and 230 more | 2025-11-24 | N/A | 6.7 MEDIUM |
|
An ACAP configuration file has improper permissions and lacks input validation, which could potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
|
|||||
| CVE-2025-6779 | 1 Axis | 233 A1210 \(-b\), A1214, A1601 and 230 more | 2025-11-24 | N/A | 6.7 MEDIUM |
|
An ACAP configuration file has improper permissions, which could allow command injection and potentially lead to privilege escalation. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
|
|||||
| CVE-2025-64996 | 1 Checkmk | 1 Checkmk | 2025-11-24 | N/A | 4.4 MEDIUM |
|
In Checkmk versions prior to 2.4.0p16, 2.3.0p41, and all versions of 2.2.0 and older, the mk_inotify plugin creates world-readable and writable files, allowing any local user on the system to read the plugin's output and manipulate it, potentially leading to unauthorized access to or modification of monitoring data.
|
|||||
| CVE-2024-6360 | 2 Microfocus, Opentext | 2 Vertica, Vertica | 2025-11-19 | N/A | 9.8 CRITICAL |
|
Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey.
This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X, from 23.0 through 23.X, from 24.0 through 24.X.
|
|||||
| CVE-2024-7594 | 2 Hashicorp, Openbao | 2 Vault, Openbao | 2025-11-13 | N/A | 7.5 HIGH |
|
Vault’s SSH secrets engine did not require the valid_principals list to contain a value by default. If the valid_principals and default_user fields of the SSH secrets engine configuration are not set, an SSH certificate requested by an authorized user to Vault’s SSH secrets engine could be used to authenticate as any user on the host. Fixed in Vault Community Edition 1.17.6, and in Vault Enterprise 1.17.6, 1.16.10, and 1.15.15.
|
|||||
| CVE-2024-32014 | 2025-11-12 | N/A | 4.7 MEDIUM | ||
|
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to alter the local database which contains the application credentials. This allows an attacker to gain administrative application privileges.
|
|||||
| CVE-2024-32010 | 2025-11-12 | N/A | 7.8 HIGH | ||
|
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP12 Update 2). The affected application is vulnerable to extraction of database credentials via a world-readable credential file. This allows an attacker to connect to the database as privileged application user and to run system commands via the database.
|
|||||
| CVE-2025-34135 | 1 Nagios | 1 Nagios Xi | 2025-11-06 | N/A | 4.4 MEDIUM |
|
Nagios XI versions prior to 2024R1.4.2 configure some systemd unit files with permission sets that were too permissive. In particular, the nagios.service unit had executable permissions that were not required. Overly permissive permissions on service unit files can broaden local attack surface by enabling unintended execution behaviors or facilitating abuse of service operations when combined with other weaknesses.
|
|||||
| CVE-2025-34287 | 1 Nagios | 1 Nagios Xi | 2025-11-06 | N/A | 7.8 HIGH |
|
Nagios XI versions prior to 2024R2 contain an improperly owned script, process_perfdata.pl, which is executed periodically as the nagios user but owned by www-data. Because the file was writable by www-data, an attacker with web server privileges could modify its contents, leading to arbitrary code execution as the nagios user when the script is next run. This improper ownership and permission configuration enables local privilege escalation.
|
|||||
| CVE-2019-15752 | 3 Apache, Docker, Microsoft | 3 Geode, Docker, Windows | 2025-11-06 | 9.3 HIGH | 7.8 HIGH |
|
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command.
|
|||||
| CVE-2024-57520 | 1 Sangoma | 1 Asterisk | 2025-11-06 | N/A | 9.8 CRITICAL |
|
Insecure Permissions vulnerability in asterisk v22 allows a remote attacker to execute arbitrary code via the action_createconfig function. NOTE: this is disputed by the Supplier because the impact is limited to creating empty files outside of the Asterisk product directory (aka directory traversal) and the attack can only be performed by a privileged user who has the ability to manage the configuration.
|
|||||
| CVE-2025-27446 | 1 Apache | 1 Apisix | 2025-11-04 | N/A | 7.8 HIGH |
|
Incorrect Permission Assignment for Critical Resource vulnerability in Apache APISIX(java-plugin-runner).
Local listening file permissions in APISIX plugin runner allow a local attacker to elevate privileges.
This issue affects Apache APISIX(java-plugin-runner): from 0.2.0 through 0.5.0.
Users are recommended to upgrade to version 0.6.0 or higher, which fixes the issue.
|
|||||
| CVE-2024-2905 | 2025-11-04 | N/A | 6.2 MEDIUM | ||
|
A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.
|
|||||
| CVE-2023-42924 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 5.5 MEDIUM |
|
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3. An app may be able to access sensitive user data.
|
|||||
| CVE-2024-23223 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-11-04 | N/A | 6.2 MEDIUM |
|
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user data.
|
|||||
| CVE-2024-28955 | 2025-11-04 | N/A | 5.9 MEDIUM | ||
|
Affected devices create coredump files when crashed, storing them with world-readable permission. Any local user of the device can examine the coredump files, and research the memory contents. As for the details of affected product names, model numbers, and versions, refer to the information provided by the respective vendors listed under [References].
|
|||||
| CVE-2024-27883 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 4.4 MEDIUM |
|
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.6, macOS Monterey 12.7.6, macOS Ventura 13.6.8. An app may be able to modify protected parts of the file system.
|
|||||
| CVE-2022-48257 | 1 Eternal Terminal Project | 1 Eternal Terminal | 2025-11-04 | N/A | 5.3 MEDIUM |
|
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp.
|
|||||
| CVE-2023-4332 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | N/A | 7.5 HIGH |
|
Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file
|
|||||
| CVE-2025-4952 | 2025-11-04 | N/A | N/A | ||
|
Tampering of the registry entries might have led to preventing the ESET security products from starting correctly on the next system startup or to unauthorized changes in the product's configuration.
|
|||||
| CVE-2024-50590 | 2025-11-03 | N/A | 7.8 HIGH | ||
|
Attackers with local access to the medical office computer can
escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by
overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is
writable for all users. In addition, the Elefant installer registers two
Firebird database services which are running as “NT AUTHORITY\SYSTEM”.
Path: C:\Elefant1\Firebird_2\bin\fbserver.exe
Path: C:\Elefant1\Firebird_2\b ...
Show More |
|||||
| CVE-2023-32724 | 1 Zabbix | 1 Zabbix | 2025-11-03 | N/A | 9.1 CRITICAL |
|
Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation.
|
|||||
| CVE-2022-23132 | 2 Fedoraproject, Zabbix | 2 Fedora, Zabbix | 2025-11-03 | 7.5 HIGH | 3.3 LOW |
|
During Zabbix installation from RPM, DAC_OVERRIDE SELinux capability is in use to access PID files in [/var/run/zabbix] folder. In this case, Zabbix Proxy or Server processes can bypass file read, write and execute permissions check on the file system level
|
|||||
| CVE-2025-21566 | 1 Oracle | 1 Mysql Server | 2025-11-03 | N/A | 6.5 MEDIUM |
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 9.1.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector ...
Show More |
|||||
| CVE-2025-21523 | 1 Oracle | 1 Mysql Server | 2025-11-03 | N/A | 4.9 MEDIUM |
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.40 and prior, 8.4.3 and prior and 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availa ...
Show More |
|||||