| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Apache Airflow 2.4.0, and versions before 2.9.3, has a vulnerability that allows authenticated DAG authors to craft a doc_md parameter in a way that could execute arbitrary code in the scheduler context, which should be forbidden according to the Airflow Security model. Users should upgrade to version 2.9.3 or later which has removed the vulnerability. |
| Insecure permissions in 14Finger v1.1 allow attackers to escalate privileges from normal user to Administrator via a crafted POST request. |
| Aimeos is an Open Source e-commerce framework for online shops. All SaaS and marketplace setups using Aimeos version from 2022/2023/2024 are affected by a potential denial of service attack. Users should upgrade to versions 2022.10.17, 2023.10.17, or 2024.04 of the aimeos/aimeos-core package to receive a patch.
|
| CWE-276: Incorrect Default Permissions vulnerability exists that could allow an authenticated
user with access to the device’s web interface to perform unauthorized file and firmware
uploads when crafting custom web requests. |
| Insecure permissions in the AdminController.AjaxSave() method of PPGo_Jobs v2.8.0 allows authenticated attackers to arbitrarily modify users' account information. |
| Insecure permissions in logging-operator v4.6.0 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. |
| Veritas System Recovery before 23.3_Hotfix has incorrect permissions for the Veritas System Recovery folder, and thus low-privileged users can conduct attacks. |
| Stalwart Mail Server is an open-source mail server. Prior to version 0.8.0, when using `RUN_AS_USER`, the specified user (and therefore, web interface admins) can read arbitrary files as root. This issue affects admins who have set up to run stalwart with `RUN_AS_USER` who handed out admin credentials to the mail server but expect these to only grant access according to the `RUN_AS_USER` and are attacked where the attackers managed to achieve Arbitrary Code Execution using another vulnerability. Version 0.8.0 contains a patch for the issue. |
| IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain sensitive information from the container due to incorrect default permissions. IBM X-Force ID: 292415. |
| Clario through 2024-04-11 for Desktop has weak permissions for %PROGRAMDATA%\Clario and tries to load DLLs from there as SYSTEM. |
| Buildroot before 0b2967e lacks the sticky bit for the /dev/shm directory. A fix was released in 2024.02.2. |
| Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.24135.272. |
| Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758. |
| Kaminari is a paginator for web app frameworks and object relational mappings. A security vulnerability involving insecure file permissions has been identified in the Kaminari pagination library for Ruby on Rails, concerning insecure file permissions. This vulnerability is of moderate severity due to the potential for unauthorized write access to particular Ruby files managed by the library. Such access could lead to the alteration of application behavior or data integrity issues. Users of affected versions are advised to update to Kaminari version 0.16.2 or later, where file permissions have been adjusted to enhance security. If upgrading is not feasible immediately, review and adjust the file permissions for particular Ruby files in Kaminari to ensure they are only accessible by authorized user. |
| Redon Hub is a Roblox Product Delivery Bot, also known as a Hub. In all hubs before version 1.0.2, all commands are capable of being ran by all users, including admin commands. This allows users to receive products for free and delete/create/update products/tags/etc. The only non-affected command is `/products admin clear` as this was already programmed for bot owners only. All users should upgrade to version 1.0.2 to receive a patch. |
| Insecure Permissions vulnerability in e-trust Horacius 1.0, 1.1, and 1.2 allows a local attacker to escalate privileges via the password reset function. |
| The Ruby One Time Password library (ROTP) is an open source library for generating and validating one time passwords. Affected versions had overly permissive default permissions. Users should patch to version 6.3.0. Users unable to patch may correct file permissions after installation. |
| Macro Expert through 4.9.4 allows BUILTIN\Users:(OI)(CI)(M) access to the "%PROGRAMFILES(X86)%\GrassSoft\Macro Expert" folder and thus an unprivileged user can escalate to SYSTEM by replacing the MacroService.exe binary. |
| rack-cors (aka Rack CORS Middleware) 2.0.1 has 0666 permissions for the .rb files. |
| OpenObserve is a observability platform built specifically for logs, metrics, traces, analytics, designed to work at petabyte scale. A critical vulnerability has been identified in the "/api/{org_id}/users/{email_id}" endpoint. This vulnerability allows any authenticated user within an organization to remove any other user from that same organization, irrespective of their respective roles. This includes the ability to remove users with "Admin" and "Root" roles. By enabling any organizational member to unilaterally alter the user base, it opens the door to unauthorized access and can cause considerable disruptions in operations. The core of the vulnerability lies in the `remove_user_from_org` function in the user management system. This function is designed to allow organizational users to remove members from their organization. The function does not check if the user initiating the request has the appropriate administrative privileges to remove a user. Any user who is part of the organization, irrespective of their role, can remove any other user, including those with higher privileges. This vulnerability is categorized as an Authorization issue leading to Unauthorized User Removal. The impact is severe, as it compromises the integrity of user management within organizations. By exploiting this vulnerability, any user within an organization, without the need for administrative privileges, can remove critical users, including "Admins" and "Root" users. This could result in unauthorized system access, administrative lockout, or operational disruptions. Given that user accounts are typically created by "Admins" or "Root" users, this vulnerability can be exploited by any user who has been granted access to an organization, thereby posing a critical risk to the security and operational stability of the application. This issue has been addressed in release version 0.8.0. Users are advised to upgrade. |
