Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user.
Multiple i-フィルター products contain an issue with incorrect default permissions. If this vulnerability is exploited, a local authenticated attacker may replace a service executable on the system where t
Multiple NAS management applications provided by I-O DATA DEVICE, INC. register Windows services with unquoted file paths. A user with the write permission on the root directory of the system drive ma
The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the compo
Incorrect default permissions issue exists in Optical Disc Archive Software for Windows 5.5.3 and earlier. If this vulnerability is exploited, arbitrary code may be executed with SYSTEM privileges.
Incorrect default permissions issue exists in Security Point (Windows) of MaLion prior to Ver.5.3.4. If this vulnerability is exploited, an arbitrary file could be placed in the specific folder by a u
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. A malicious app with root privileges may be able t
BenimPOS Masaustu 3.0.x is affected by insecure file permissions. The application installation directory grants Everyone and BUILTIN\Users groups FILE_ALL_ACCESS, allowing local users to replace or mo
The mkdir utility in uutils coreutils incorrectly applies permissions when using the -m flag by creating a directory with umask-derived permissions (typically 0755) before subsequently changing them t
There is a configuration defect vulnerability in the version server of ZTE MF258K Pro products. Due to improper directory permission settings, an attacker can execute write permissions in a specific d
A file overwrite vulnerability exists in gaizhenbiao/chuanhuchatgpt versions <= 20240410. This vulnerability allows an attacker to gain unauthorized access to overwrite critical configuration files wi
A security issue has been identified in ibaPDA that could allow unauthorized actions on the file system under certain conditions. This may impact the confidentiality, integrity, or availability of the
An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the Team Manager API allows for overwrite of an arbitrary file. This can allow for privilege escalation to
Netwrix Directory Manager (formerly Imanami GroupID) before and including v.11.0.0.0 and after v.11.1.25134.03 has Incorrect Permission Assignment for a Critical Resource.
AudioCodes Fax Server and Auto-Attendant IVR appliances versions up to and including 2.6.23 expose an unauthenticated backup upload endpoint at AudioCodes_files/ajaxBackupUploadFile.php in the F2MAdmi
There is a risk of unauthorized file uploads in GT-SoftControl and potential file overwrites due to insufficient validation in the file selection process. This could lead to data integrity issues and
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sequoia 15.2, macOS Sonoma 14.7.2, macOS Ventura 13.7.2. An app may be able to overwrite arbitrary files.
Affected devices create coredump files when crashed, storing them with world-readable permission. Any local user of the device can examine the coredump files, and research the memory contents. As for
A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4. An app may be able to modify protected parts of the
The mv utility in uutils coreutils fails to preserve file ownership during moves across different filesystem boundaries. The utility falls back to a copy-and-delete routine that creates the destinatio
Page 1+ Next →