Total
949 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-11872 | 1 Epicgames | 1 Launcher | 2025-08-15 | N/A | N/A |
| Epic Games Launcher Incorrect Default Permissions Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Epic Games Launcher. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the product installer. The product applies incorrect default permissions to a sensitive folder. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-24329. | |||||
| CVE-2022-29376 | 2 Apachefriends, Microsoft | 2 Xampp, Windows | 2025-08-15 | 6.5 MEDIUM | 8.8 HIGH |
| Xampp for Windows v8.1.4 and below was discovered to contain insecure permissions for its install directory, allowing attackers to execute arbitrary code via overwriting binaries located in the directory. | |||||
| CVE-2025-20087 | 2025-08-12 | N/A | N/A | ||
| Incorrect default permissions for some Intel(R) oneAPI DPC++/C++ Compiler software installers may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-20023 | 2025-08-12 | N/A | N/A | ||
| Incorrect default permissions for some Intel(R) Graphics Driver software installers may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-26470 | 2025-08-12 | N/A | N/A | ||
| Incorrect default permissions for some Intel(R) Distribution for Python software installers before version 2025.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-27559 | 2025-08-12 | N/A | N/A | ||
| Incorrect default permissions for some AI Playground software before version v2.3.0 alpha may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-8672 | 2025-08-11 | N/A | N/A | ||
| MacOS version of GIMP bundles a Python interpreter that inherits the Transparency, Consent, and Control (TCC) permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the application's previously granted TCC permissions to access user's files in privacy-protected folders without triggering user prompts. Accessing other resources beyond previously granted TCC permissions will prompt the user for approval in the name of GIMP, potentially disguising attacker's malicious intent. This issue has been fixed in 3.1.4.2 version of GIMP. | |||||
| CVE-2025-48950 | 1 Maxkb | 1 Maxkb | 2025-08-06 | N/A | 8.8 HIGH |
| MaxKB is an open-source AI assistant for enterprise. Prior to version 1.10.8-lts, Sandbox only restricts the execution permissions of binary files in common directories, such as `/bin,/usr/bin`, etc. Therefore, attackers can exploit some files with execution permissions in non blacklisted directories to carry out attacks. Version 1.10.8-lts fixes the issue. | |||||
| CVE-2025-41658 | 2025-08-04 | N/A | 5.5 MEDIUM | ||
| CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions. | |||||
| CVE-2025-54530 | 1 Jetbrains | 1 Teamcity | 2025-07-31 | N/A | 9.8 CRITICAL |
| In JetBrains TeamCity before 2025.07 privilege escalation was possible due to incorrect directory permissions | |||||
| CVE-2025-21106 | 1 Dell | 1 Recoverpoint For Virtual Machines | 2025-07-31 | N/A | N/A |
| Dell Recover Point for Virtual Machines 6.0.X contains a Weak file system permission vulnerability. A low privileged Local attacker could potentially exploit this vulnerability, leading to impacting only non-sensitive resources in the system. | |||||
| CVE-2025-53945 | 2025-07-18 | N/A | N/A | ||
| apko allows users to build and publish OCI container images built from apk packages. Starting in version 0.27.0 and prior to version 0.29.5, critical files were inadvertently set to 0666, which could likely be abused for root escalation. Version 0.29.5 contains a fix for the issue. | |||||
| CVE-2025-54059 | 2025-07-18 | N/A | N/A | ||
| melange allows users to build apk packages using declarative pipelines. Starting in version 0.23.0 and prior to version 0.29.5, SBOM files generated by melange in apks had file system permissions mode 666. This potentially allows an unprivileged user to tamper with apk SBOMs on a running image, potentially confusing security scanners. An attacker could also perform a DoS under special circumstances. Version 0.29.5 fixes the issue. | |||||
| CVE-2025-29801 | 1 Microsoft | 1 Autoupdate | 2025-07-10 | N/A | 7.8 HIGH |
| Incorrect default permissions in Microsoft AutoUpdate (MAU) allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-52900 | 1 Filebrowser | 1 Filebrowser | 2025-07-10 | N/A | N/A |
| File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the database used by File Browser. On standard servers using File Browser prior to version 2.33.7 where the umask configuration has not been hardened before, this makes all the stated files readable by any operating system account. Version 2.33.7 fixes the issue. | |||||
| CVE-2025-41665 | 2025-07-08 | N/A | 6.5 MEDIUM | ||
| An low privileged remote attacker can enforce the watchdog of the affected devices to reboot the PLC due to incorrect default permissions of a config file. | |||||
| CVE-2025-52991 | 2025-06-27 | N/A | N/A | ||
| The Nix, Lix, and Guix package managers default to using temporary build directories in a world-readable and world-writable location. This allows standard users to deceive the package manager into using directories with pre-existing content, potentially leading to unauthorized actions or data manipulation. This affects Nix before 2.24.15, 2.26.4, 2.28.4, and 2.29.1; Lix before 2.91.2, 2.92.2, and 2.93.1; and Guix before 1.4.0-38.0e79d5b. | |||||
| CVE-2025-49144 | 2025-06-23 | N/A | N/A | ||
| Notepad++ is a free and open-source source code editor. In versions 8.8.1 and prior, a privilege escalation vulnerability exists in the Notepad++ v8.8.1 installer that allows unprivileged users to gain SYSTEM-level privileges through insecure executable search paths. An attacker could use social engineering or clickjacking to trick users into downloading both the legitimate installer and a malicious executable to the same directory (typically Downloads folder - which is known as Vulnerable directory). Upon running the installer, the attack executes automatically with SYSTEM privileges. This issue has been fixed and will be released in version 8.8.2. | |||||
| CVE-2022-4964 | 1 Canonical | 1 Ubuntu Pipewire-pulse | 2025-06-20 | N/A | 5.5 MEDIUM |
| Ubuntu's pipewire-pulse in snap grants microphone access even when the snap interface for audio-record is not set. | |||||
| CVE-2025-5255 | 2025-06-20 | N/A | N/A | ||
| The Phoenix Code's configuration on macOS, specifically the presence of entitlements: "com.apple.security.cs.allow-dyld-environment-variables" and "com.apple.security.cs.disable-library-validation" allows for Dynamic Library (Dylib) injection. A local attacker with unprivileged access can use environment variables like DYLD_INSERT_LIBRARIES to successfully inject code in application's context and bypass Transparency, Consent, and Control (TCC). Acquired resource access is limited to previously granted permissions by the user. Access to other resources beyond granted-permissions requires user interaction with a system prompt asking for permission. This issue was fixed in commit 0c75fb57f89d0b7d9b180026bc2624b7dcf807da | |||||