Filtered by CWE-687
Total 3 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2025-22620 2025-01-20 5 Medium
gitoxide is an implementation of git written in Rust. Prior to 0.17.0, gix-worktree-state specifies 0777 permissions when checking out executable files, intending that the umask will restrict them appropriately. But one of the strategies it uses to set permissions is not subject to the umask. This causes files in a repository to be world-writable in some situations. This vulnerability is fixed in 0.17.0.
CVE-2024-36985 1 Splunk 1 Splunk 2025-01-15 8.8 High
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver“ application.
CVE-2024-49603 1 Dell 1 Powerscale Onefs 2025-01-09 4.3 Medium
Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure.