Total
1280 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29570 | 2025-04-07 | 7.8 High | ||
| An issue in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v3.2 allows a local attacker to escalate privileges via the function tftp_image_check of a binary named rc. | ||||
| CVE-2025-0014 | 2025-04-07 | 7.3 High | ||
| Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
| CVE-2025-29504 | 2025-04-07 | 7.8 High | ||
| Insecure Permission vulnerability in student-manage 1 allows a local attacker to escalate privileges via the Unsafe permission verification. | ||||
| CVE-2025-24195 | 1 Apple | 1 Macos | 2025-04-07 | 9.8 Critical |
| An integer overflow was addressed with improved input validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A user may be able to elevate privileges. | ||||
| CVE-2025-24207 | 1 Apple | 1 Macos | 2025-04-07 | 9.8 Critical |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to enable iCloud storage features without user consent. | ||||
| CVE-2025-24277 | 1 Apple | 1 Macos | 2025-04-04 | 7.8 High |
| A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain root privileges. | ||||
| CVE-2025-24267 | 1 Apple | 1 Macos | 2025-04-04 | 7.8 High |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain root privileges. | ||||
| CVE-2025-24170 | 1 Apple | 1 Macos | 2025-04-04 | 7.8 High |
| A logic issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.7.5, macOS Sonoma 14.7.5. An app may be able to gain root privileges. | ||||
| CVE-2025-24172 | 1 Apple | 1 Macos | 2025-04-04 | 9.8 Critical |
| A permissions issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. "Block All Remote Content" may not apply for all mail previews. | ||||
| CVE-2025-30465 | 1 Apple | 2 Ipados, Macos | 2025-04-04 | 9.8 Critical |
| A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A shortcut may be able to access files that are normally inaccessible to the Shortcuts app. | ||||
| CVE-2022-45924 | 1 Opentext | 1 Opentext Extended Ecm | 2025-04-04 | 8.1 High |
| An issue was discovered in OpenText Content Suite Platform 22.1 (16.2.19.1803). The endpoint itemtemplate.createtemplate2 allows a low-privilege user to delete arbitrary files on the server's local filesystem. | ||||
| CVE-2025-24238 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-04-04 | 9.8 Critical |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.7.5, tvOS 18.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to gain elevated privileges. | ||||
| CVE-2020-36611 | 2 Hitachi, Linux | 2 Tuning Manager, Linux Kernel | 2025-04-03 | 6.6 Medium |
| Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Linux (Hitachi Tuning Manager server, Hitachi Tuning Manager - Agent for RAID, Hitachi Tuning Manager - Agent for NAS, Hitachi Tuning Manager - Agent for SAN Switch components) allows local users to read and write specific files.This issue affects Hitachi Tuning Manager: before 8.8.5-00. | ||||
| CVE-2002-1713 | 1 Mandrakesoft | 1 Mandrake Linux | 2025-04-03 | 5.5 Medium |
| The Standard security setting for Mandrake-Security package (msec) in Mandrake 8.2 installs home directories with world-readable permissions, which could allow local users to read other user's files. | ||||
| CVE-2005-1941 | 1 Silvercity Project | 1 Silvercity | 2025-04-03 | 7.8 High |
| SilverCity before 0.9.5-r1 installs (1) cgi-styler-form.py, (2) cgi-styler.py, and (3) source2html.py with read and write world permissions, which allows local users to execute arbitrary code. | ||||
| CVE-2001-0497 | 1 Isc | 1 Bind | 2025-04-03 | 7.8 High |
| dnskeygen in BIND 8.2.4 and earlier, and dnssec-keygen in BIND 9.1.2 and earlier, set insecure permissions for a HMAC-MD5 shared secret key file used for DNS Transactional Signatures (TSIG), which allows attackers to obtain the keys and perform dynamic DNS updates. | ||||
| CVE-1999-0426 | 1 Suse | 1 Suse Linux | 2025-04-03 | 9.8 Critical |
| The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing. | ||||
| CVE-2002-1844 | 2 Microsoft, Oracle | 2 Windows Media Player, Solaris | 2025-04-03 | 7.8 High |
| Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges. | ||||
| CVE-2004-1778 | 1 Skype | 1 Skype | 2025-04-03 | N/A |
| Skype 0.92.0.12 and 1.0.0.1 for Linux, and possibly other versions, creates the /usr/share/skype/lang directory with world-writable permissions, which allows local users to modify language files and possibly conduct social engineering or other attacks. | ||||
| CVE-2022-48199 | 2 Microsoft, Softperfect | 2 Windows, Networx | 2025-04-02 | 8.8 High |
| SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potentially higher privileges via a low-privileged user account that abuses the Notifications function. The Notifications function allows for arbitrary binary execution and can be modified by any user. The resulting binary execution will occur in the context of any user running NetWorx. If an attacker modifies the Notifications function to execute a malicious binary, the binary will be executed by every user running NetWorx on that system. | ||||