Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-23386

Summary
Assigner-suse
Assigner Org ID-404e59f5-483d-4b8a-8e7a-e67604dd8afb
Published At-10 Apr, 2025 | 09:42
Updated At-10 Apr, 2025 | 14:22
Rejected At-
Credits

gerbera: Privilege escalation from user gerbera to root because of insecure %post script

A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows the service user gerbera to escalate to root.,This issue affects gerbera on openSUSE Tumbleweed before 2.5.0-1.1.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:suse
Assigner Org ID:404e59f5-483d-4b8a-8e7a-e67604dd8afb
Published At:10 Apr, 2025 | 09:42
Updated At:10 Apr, 2025 | 14:22
Rejected At:
▼CVE Numbering Authority (CNA)
gerbera: Privilege escalation from user gerbera to root because of insecure %post script

A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows the service user gerbera to escalate to root.,This issue affects gerbera on openSUSE Tumbleweed before 2.5.0-1.1.

Affected Products
Vendor
SUSESUSE
Product
openSUSE Tumbleweed
Package Name
gerbera
Default Status
unaffected
Versions
Affected
  • From ? before 2.5.0-1.1 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-276CWE-276: Incorrect Default Permissions
Type: CWE
CWE ID: CWE-276
Description: CWE-276: Incorrect Default Permissions
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Johannes Segitz of SUSE
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23386
N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23386
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:meissner@suse.de
Published At:10 Apr, 2025 | 10:15
Updated At:15 Apr, 2026 | 00:35

A Incorrect Default Permissions vulnerability in the openSUSE Tumbleweed package gerbera allows the service user gerbera to escalate to root.,This issue affects gerbera on openSUSE Tumbleweed before 2.5.0-1.1.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-276Secondarymeissner@suse.de
CWE ID: CWE-276
Type: Secondary
Source: meissner@suse.de
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23386meissner@suse.de
N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-23386
Source: meissner@suse.de
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

407Records found
CVE-2021-31998
Matching Score-10
Assigner-SUSE
ShareView Details
Matching Score-10
Assigner-SUSE
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 8.70%
||
7 Day CHG~0.00%
Published-10 Jun, 2021 | 11:25
Updated-16 Sep, 2024 | 22:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
inn: %post calls user owned file allowing local privilege escalation to root

A Incorrect Default Permissions vulnerability in the packaging of inn of SUSE Linux Enterprise Server 11-SP3; openSUSE Backports SLE-15-SP2, openSUSE Leap 15.2 allows local attackers to escalate their privileges from the news user to root. This issue affects: SUSE Linux Enterprise Server 11-SP3 inn version inn-2.4.2-170.21.3.1 and prior versions. openSUSE Backports SLE-15-SP2 inn versions prior to 2.6.2. openSUSE Leap 15.2 inn versions prior to 2.6.2.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverinnbackports_sleleapSUSE Linux Enterprise Server 11-SP3openSUSE Backports SLE-15-SP2openSUSE Leap 15.2
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-45153
Matching Score-10
Assigner-SUSE
ShareView Details
Matching Score-10
Assigner-SUSE
CVSS Score-7||HIGH
EPSS-0.06% / 18.89%
||
7 Day CHG~0.00%
Published-15 Feb, 2023 | 00:00
Updated-18 Mar, 2025 | 19:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
saphanabootstrap-formula: Escalation to root for arbitrary users in hana/ha_cluster.sls

An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_module_for_sap_applicationslinux_enterprise_serverleapSUSE Linux Enterprise Module for SAP Applications 15-SP1openSUSE Leap 15.4SUSE Linux Enterprise Server for SAP 12-SP5
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-31254
Matching Score-10
Assigner-SUSE
ShareView Details
Matching Score-10
Assigner-SUSE
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.62%
||
7 Day CHG~0.00%
Published-07 Feb, 2023 | 00:00
Updated-25 Mar, 2025 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
rmt-server-pubcloud allows to escalate from user _rmt to root

A Incorrect Default Permissions vulnerability in rmt-server-regsharing service of SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Server for SAP 15-SP1, SUSE Manager Server 4.1; openSUSE Leap 15.3, openSUSE Leap 15.4 allows local attackers with access to the _rmt user to escalate to root. This issue affects: SUSE Linux Enterprise Server for SAP 15 rmt-server versions prior to 2.10. SUSE Linux Enterprise Server for SAP 15-SP1 rmt-server versions prior to 2.10. SUSE Manager Server 4.1 rmt-server versions prior to 2.10. openSUSE Leap 15.3 rmt-server versions prior to 2.10. openSUSE Leap 15.4 rmt-server versions prior to 2.10.

Action-Not Available
Vendor-openSUSESUSE
Product-rmt-serverlinux_enterprise_servermanager_serverleapopenSUSE Leap 15.4SUSE Manager Server 4.1SUSE Linux Enterprise Server for SAP 15-SP1SUSE Linux Enterprise Server for SAP 15openSUSE Leap 15.3
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8018
Matching Score-10
Assigner-SUSE
ShareView Details
Matching Score-10
Assigner-SUSE
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.08%
||
7 Day CHG~0.00%
Published-04 May, 2020 | 11:35
Updated-16 Sep, 2024 | 20:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
User owned /etc in SLES15-SP1-CHOST-BYOS

A Incorrect Default Permissions vulnerability in the SLES15-SP1-CHOST-BYOS and SLES15-SP1-CAP-Deployment-BYOS images of SUSE Linux Enterprise Server 15 SP1 allows local attackers with the UID 1000 to escalate to root due to a /etc directory owned by the user This issue affects: SUSE Linux Enterprise Server 15 SP1 SLES15-SP1-CAP-Deployment-BYOS version 1.0.1 and prior versions; SLES15-SP1-CHOST-BYOS versions prior to 1.0.3 and prior versions;

Action-Not Available
Vendor-SUSE
Product-linux_enterprise_desktopSUSE Linux Enterprise Server 15 SP1
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-8022
Matching Score-10
Assigner-SUSE
ShareView Details
Matching Score-10
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.19% / 40.58%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 08:20
Updated-17 Sep, 2024 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
User-writeable configuration file /usr/lib/tmpfiles.d/tomcat.conf allows for escalation of priviliges

A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1.

Action-Not Available
Vendor-The Apache Software FoundationopenSUSESUSE
Product-linux_enterprise_serveropenstack_cloudtomcatenterprise_storageopenstack_cloud_crowbarleapSUSE Linux Enterprise Server 12-SP5SUSE OpenStack Cloud Crowbar 8SUSE Linux Enterprise Server 12-SP4SUSE Linux Enterprise Server 12-SP2-BCLSUSE Linux Enterprise Server for SAP 12-SP3SUSE OpenStack Cloud 7SUSE Linux Enterprise Server 15-LTSSSUSE Linux Enterprise Server for SAP 12-SP2SUSE Linux Enterprise Server 12-SP3-LTSSSUSE Linux Enterprise Server 12-SP3-BCLSUSE Enterprise Storage 5SUSE OpenStack Cloud 8SUSE Linux Enterprise Server 12-SP2-LTSSSUSE Linux Enterprise Server for SAP 15
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-32182
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-5.9||MEDIUM
EPSS-0.02% / 6.54%
||
7 Day CHG~0.00%
Published-19 Sep, 2023 | 15:07
Updated-24 Sep, 2024 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1.

Action-Not Available
Vendor-openSUSESUSE
Product-suse_linux_enterprise_desktoplinux_enterprise_high_performance_computingleapopenSUSE Leap 15.5 SUSE Linux Enterprise Desktop 15 SP5SUSE Linux Enterprise High Performance Computing 15 SP5
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2023-32190
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-8.5||HIGH
EPSS-0.14% / 33.77%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 12:03
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable

mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges.

Action-Not Available
Vendor-SUSE
Product-openSUSE Tumbleweedopensuse_tumbleweed
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-41054
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.8||HIGH
EPSS-0.00% / 0.21%
||
7 Day CHG~0.00%
Published-20 May, 2026 | 08:56
Updated-05 Jun, 2026 | 12:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Missing exit out of permission check in haveged could lead to root exploit

In `src/havegecmd.c`, the `socket_handler` function performs a credential check on the abstract UNIX socket (`\0/sys/entropy/haveged`). However, while it detects if the connecting user is not root (`cred.uid != 0`) and prepares a negative acknowledgement (`ASCII_NAK`), it **fails to stop execution**. The code proceeds to the `switch` statement, allowing any local unprivileged user to execute privileged commands such as `MAGIC_CHROOT`.

Action-Not Available
Vendor-SUSE
Product-SUSE Linux Enterprise Server for SAP Applications 15 SP7Image SLES15-SP4-SAP-BYOS-AzureSUSE Linux Enterprise High Performance Computing 15 SP5-ESPOSSUSE Linux Enterprise Server 15 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP5SUSE Linux Enterprise Server for SAP Applications 15 SP4SUSE Manager Proxy LTS 4.3Image SLES15-SP4-SAP-BYOS-EC2Image SLES15-SP4-SAP-Hardened-BYOS-AzureImage SLES15-SP4-SAP-Hardened-BYOSImage SLES15-SP4-SAP-BYOSSUSE Linux Enterprise Server for SAP Applications 15 SP6Image SLES15-SP4-SAP-Hardened-BYOS-EC2Image SLES15-SP4-SAP-Hardened-GCESUSE Linux Enterprise Server 15 SP7Container suse/sle-micro-rancher/5.3:latestSUSE Linux Enterprise Micro 5.4SUSE Linux Enterprise Micro 5.3SUSE Linux Enterprise Server 15 SP6-LTSSImage SLES15-SP4-SAP-BYOS-GCEImage SLES15-SP4-SAP-HardenedSUSE Manager Retail Branch Server LTS 4.3SUSE Linux Enterprise High Performance Computing 15 SP7SUSE Linux Enterprise Micro 5.5SUSE Linux Enterprise Server 15 SP5-LTSSSUSE Manager Server LTS 4.3SUSE Linux Enterprise Desktop 15 SP7Container suse/sle-micro-rancher/5.4:latestSUSE Linux Enterprise Module for Basesystem 15 SP7Container suse/sle-micro/5.5:latestImage SLES15-SP4-SAP-Hardened-BYOS-GCESUSE Linux Enterprise High Performance Computing 15 SP5-LTSSSUSE Linux Enterprise High Performance Computing 15 SP4-LTSSSUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
CWE ID-CWE-305
Authentication Bypass by Primary Weakness
CVE-2019-3693
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.17% / 37.99%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 10:05
Updated-17 Sep, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from user wwwrun to root in the packaging of mailman

A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This issue affects: SUSE Linux Enterprise Server 11 mailman versions prior to 2.1.15-9.6.15.1. SUSE Linux Enterprise Server 12 mailman versions prior to 2.1.17-3.11.1. openSUSE Leap 15.1 mailman version 2.1.29-lp151.2.14 and prior versions.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_servermailmanbackports_sleleapSUSE Linux Enterprise Server 11Leap 15.1SUSE Linux Enterprise Server 12
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-3691
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.15% / 35.10%
||
7 Day CHG~0.00%
Published-23 Jan, 2020 | 16:00
Updated-16 Sep, 2024 | 22:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from user munge to root

A Symbolic Link (Symlink) Following vulnerability in the packaging of munge in SUSE Linux Enterprise Server 15; openSUSE Factory allowed local attackers to escalate privileges from user munge to root. This issue affects: SUSE Linux Enterprise Server 15 munge versions prior to 0.5.13-4.3.1. openSUSE Factory munge versions prior to 0.5.13-6.1.

Action-Not Available
Vendor-openSUSESUSE
Product-factorysuse_linux_enterprise_servermungeFactorySUSE Linux Enterprise Server 15
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-3682
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-8.4||HIGH
EPSS-0.14% / 33.41%
||
7 Day CHG~0.00%
Published-17 Jan, 2020 | 08:30
Updated-17 Sep, 2024 | 00:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure API port exposed to all Master Node guest containers

The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node.

Action-Not Available
Vendor-SUSE
Product-caas_platformSUSE CaaS Platform 3.0
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2019-3692
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.17% / 37.99%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 08:50
Updated-16 Sep, 2024 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from user news to root in the packaging of inn

The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverfactoryinnbackports_sleleapSUSE Linux Enterprise Server 11FactoryLeap 15.1
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-3695
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-8.4||HIGH
EPSS-0.12% / 30.40%
||
7 Day CHG~0.00%
Published-03 Mar, 2020 | 11:05
Updated-16 Sep, 2024 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
pcp: Local privilege escalation from user pcp to root

A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows the user pcp to run code as root by placing it into /var/log/pcp/configs.sh This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_software_development_kitlinux_enterprise_serverlinux_enterprise_high_performance_computingpcpleapSUSE Linux Enterprise High Performance Computing 15-LTSSSUSE Linux Enterprise High Performance Computing 15-ESPOSSUSE Linux Enterprise Software Development Kit 12-SP4SUSE Linux Enterprise Software Development Kit 12-SP5openSUSE Leap 15.1SUSE Linux Enterprise Module for Development Tools 15-SP1SUSE Linux Enterprise Module for Open Buildservice Development Tools 15SUSE Linux Enterprise Server 15-LTSSSUSE Linux Enterprise Module for Development Tools 15SUSE Linux Enterprise Server for SAP 15
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2019-3690
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-6.8||MEDIUM
EPSS-0.10% / 27.46%
||
7 Day CHG~0.00%
Published-05 Dec, 2019 | 15:30
Updated-16 Sep, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
chkstat follows untrusted symbolic links

The chkstat tool in the permissions package followed symlinks before commit a9e1d26cd49ef9ee0c2060c859321128a6dd4230 (please also check the additional hardenings after this fix). This allowed local attackers with control over a path that is traversed by chkstat to escalate privileges.

Action-Not Available
Vendor-openSUSESUSE
Product-leappermissions
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-18897
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-8.4||HIGH
EPSS-0.10% / 26.52%
||
7 Day CHG~0.00%
Published-02 Mar, 2020 | 15:20
Updated-17 Sep, 2024 | 01:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from user salt to root

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverleapFactorySUSE Linux Enterprise Server 15SUSE Linux Enterprise Server 12
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2019-18898
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.15% / 35.33%
||
7 Day CHG~0.00%
Published-23 Jan, 2020 | 14:05
Updated-16 Sep, 2024 | 18:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
trousers: Local privilege escalation from tss to root

UNIX Symbolic Link (Symlink) Following vulnerability in the trousers package of SUSE Linux Enterprise Server 15 SP1; openSUSE Factory allowed local attackers escalate privileges from user tss to root. This issue affects: SUSE Linux Enterprise Server 15 SP1 trousers versions prior to 0.3.14-6.3.1. openSUSE Factory trousers versions prior to 0.3.14-7.1.

Action-Not Available
Vendor-openSUSESUSE
Product-trousersopensuse_factorysuse_linux_enterprise_serverleapFactorySUSE Linux Enterprise Server 15 SP1
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2022-31256
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.13% / 31.95%
||
7 Day CHG~0.00%
Published-26 Oct, 2022 | 08:55
Updated-09 May, 2025 | 19:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
sendmail: mail to root privilege escalation via sm-client.pre script

A Improper Link Resolution Before File Access ('Link Following') vulnerability in a script called by the sendmail systemd service of openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: SUSE openSUSE Factory sendmail versions prior to 8.17.1-1.1.

Action-Not Available
Vendor-SUSEopenSUSE
Product-factoryopenSUSE Factory
CWE ID-CWE-59
Improper Link Resolution Before File Access ('Link Following')
CVE-2021-25315
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-9.8||CRITICAL
EPSS-0.15% / 35.97%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 09:55
Updated-16 Sep, 2024 | 21:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
salt-api unauthenticated remote code execution

CWE - CWE-287: Improper Authentication vulnerability in SUSE Linux Enterprise Server 15 SP 3; openSUSE Tumbleweed allows local attackers to execute arbitrary code via salt without the need to specify valid credentials. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions. This issue affects: SUSE Linux Enterprise Server 15 SP 3 salt versions prior to 3002.2-3. openSUSE Tumbleweed salt version 3002.2-2.1 and prior versions.

Action-Not Available
Vendor-saltstackopenSUSESUSE
Product-tumbleweedsuse_linux_enterprise_serversaltTumbleweedSUSE Linux Enterprise Server 15 SP 3
CWE ID-CWE-287
Improper Authentication
CVE-2021-25314
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.64%
||
7 Day CHG~0.00%
Published-14 Apr, 2021 | 15:00
Updated-17 Sep, 2024 | 01:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
hawk: Insecure file permissions

A Creation of Temporary File With Insecure Permissions vulnerability in hawk2 of SUSE Linux Enterprise High Availability 12-SP3, SUSE Linux Enterprise High Availability 12-SP5, SUSE Linux Enterprise High Availability 15-SP2 allows local attackers to escalate to root. This issue affects: SUSE Linux Enterprise High Availability 12-SP3 hawk2 versions prior to 2.6.3+git.1614685906.812c31e9. SUSE Linux Enterprise High Availability 12-SP5 hawk2 versions prior to 2.6.3+git.1614685906.812c31e9. SUSE Linux Enterprise High Availability 15-SP2 hawk2 versions prior to 2.6.3+git.1614684118.af555ad9.

Action-Not Available
Vendor-SUSE
Product-linux_enterprise_high_availability_extensionhawk2SUSE Linux Enterprise High Availability 12-SP5SUSE Linux Enterprise High Availability 15-SP2SUSE Linux Enterprise High Availability 12-SP3
CWE ID-CWE-378
Creation of Temporary File With Insecure Permissions
CWE ID-CWE-668
Exposure of Resource to Wrong Sphere
CVE-2021-25321
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.33%
||
7 Day CHG~0.00%
Published-30 Jun, 2021 | 08:25
Updated-16 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
arpwatch: Local privilege escalation from runtime user to root

A UNIX Symbolic Link (Symlink) Following vulnerability in arpwatch of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Factory, Leap 15.2 allows local attackers with control of the runtime user to run arpwatch as to escalate to root upon the next restart of arpwatch. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS arpwatch versions prior to 2.1a15. SUSE Manager Server 4.0 arpwatch versions prior to 2.1a15. SUSE OpenStack Cloud Crowbar 9 arpwatch versions prior to 2.1a15. openSUSE Factory arpwatch version 2.1a15-169.5 and prior versions. openSUSE Leap 15.2 arpwatch version 2.1a15-lp152.5.5 and prior versions.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverfactorymanager_serverarpwatchopenstack_cloud_crowbarleapLeap 15.2FactorySUSE OpenStack Cloud Crowbar 9SUSE Manager Server 4.0SUSE Linux Enterprise Server 11-SP4-LTSS
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CVE-2020-8019
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.15% / 35.10%
||
7 Day CHG~0.00%
Published-29 Jun, 2020 | 11:30
Updated-17 Sep, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
syslog-ng: Local privilege escalation from new to root in %post

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; openSUSE Backports SLE-15-SP1, openSUSE Leap 15.1 allowed local attackers controlling the user news to escalate their privileges to root. This issue affects: SUSE Linux Enterprise Debuginfo 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Debuginfo 11-SP4 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Module for Legacy Software 12 syslog-ng versions prior to 3.6.4-12.8.1. SUSE Linux Enterprise Point of Sale 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server 11-SP4-LTSS syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server for SAP 12-SP1 syslog-ng versions prior to 3.6.4-12.8.1. openSUSE Backports SLE-15-SP1 syslog-ng versions prior to 3.19.1-bp151.4.6.1. openSUSE Leap 15.1 syslog-ng versions prior to 3.19.1-lp151.3.6.1.

Action-Not Available
Vendor-oneidentityopenSUSESUSE
Product-linux_enterprise_serverlinux_enterprise_module_for_legacylinux_enterprise_debuginfolinux_enterprise_point_of_salesyslog-ngbackports_sleleapSUSE Linux Enterprise Debuginfo 11-SP4SUSE Linux Enterprise Module for Legacy Software 12SUSE Linux Enterprise Point of Sale 11-SP3openSUSE Leap 15.1SUSE Linux Enterprise Server for SAP 12-SP1openSUSE Backports SLE-15-SP1SUSE Linux Enterprise Server 11-SP4-LTSSSUSE Linux Enterprise Debuginfo 11-SP3
CWE ID-CWE-61
UNIX Symbolic Link (Symlink) Following
CVE-2020-8023
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.7||HIGH
EPSS-0.06% / 19.35%
||
7 Day CHG~0.00%
Published-01 Sep, 2020 | 11:25
Updated-16 Sep, 2024 | 18:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local privilege escalation from ldap to root when using OPENLDAP_CONFIG_BACKEND=ldap in openldap2

A acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root. This issue affects: SUSE Enterprise Storage 5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Debuginfo 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Debuginfo 11-SP4 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Point of Sale 11-SP3 openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 11-SECURITY openldap2-client-openssl1 versions prior to 2.4.26-0.74.13.1. SUSE Linux Enterprise Server 11-SP4-LTSS openldap2 versions prior to 2.4.26-0.74.13.1,. SUSE Linux Enterprise Server 12-SP2-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP2-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-BCL openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP3-LTSS openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP4 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 12-SP5 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server 15-LTSS openldap2 versions prior to 2.4.46-9.31.1. SUSE Linux Enterprise Server for SAP 12-SP2 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 12-SP3 openldap2 versions prior to 2.4.41-18.71.2. SUSE Linux Enterprise Server for SAP 15 openldap2 versions prior to 2.4.46-9.31.1. SUSE OpenStack Cloud 7 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud 8 openldap2 versions prior to 2.4.41-18.71.2. SUSE OpenStack Cloud Crowbar 8 openldap2 versions prior to 2.4.41-18.71.2. openSUSE Leap 15.1 openldap2 versions prior to 2.4.46-lp151.10.12.1. openSUSE Leap 15.2 openldap2 versions prior to 2.4.46-lp152.14.3.1.

Action-Not Available
Vendor-openSUSESUSE
Product-linux_enterprise_serverlinux_enterprise_debuginfolinux_enterprise_point_of_saleopenldap2openstack_cloudenterprise_storageopenstack_cloud_crowbarleapSUSE Linux Enterprise Debuginfo 11-SP4SUSE OpenStack Cloud Crowbar 8SUSE Linux Enterprise Server 12-SP4SUSE Linux Enterprise Server 11-SECURITYSUSE Linux Enterprise Server 12-SP2-BCLSUSE Linux Enterprise Server for SAP 12-SP3SUSE Linux Enterprise Server for SAP 12-SP2SUSE Linux Enterprise Server 12-SP3-LTSSSUSE Linux Enterprise Server 12-SP3-BCLSUSE Enterprise Storage 5SUSE Linux Enterprise Server 11-SP4-LTSSSUSE Linux Enterprise Server 12-SP2-LTSSSUSE Linux Enterprise Server for SAP 15SUSE Linux Enterprise Server 12-SP5SUSE Linux Enterprise Point of Sale 11-SP3openSUSE Leap 15.1SUSE OpenStack Cloud 7openSUSE Leap 15.2SUSE Linux Enterprise Server 15-LTSSSUSE Linux Enterprise Debuginfo 11-SP3SUSE OpenStack Cloud 8
CWE ID-CWE-349
Acceptance of Extraneous Untrusted Data With Trusted Data
CVE-2024-22029
Matching Score-8
Assigner-SUSE
ShareView Details
Matching Score-8
Assigner-SUSE
CVSS Score-7.8||HIGH
EPSS-0.02% / 5.47%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 13:20
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
tomcat packaging allows for escalation to root from tomcat user

Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root

Action-Not Available
Vendor-SUSE
Product-SUSE Linux Enterprise Module for Web and Scripting 15 SP5SUSE Linux Enterprise High Performance Computing 15 SP2-LTSSSUSE Linux Enterprise High Performance Computing 15 SP4-ESPOSSUSE Linux Enterprise Server for SAP Applications 15 SP6SUSE Linux Enterprise High Performance Computing 15 SP6SUSE Linux Enterprise Server 15 SP2-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP3SUSE Linux Enterprise Server for SAP Applications 15 SP2SUSE Linux Enterprise Module for Web and Scripting 15 SP6openSUSE TumbleweedSUSE Linux Enterprise Server 15 SP6SUSE Linux Enterprise Server for SAP Applications 15 SP4SUSE Linux Enterprise High Performance Computing 15 SP3-LTSSSUSE Linux Enterprise High Performance Computing 15 SP5SUSE Linux Enterprise High Performance Computing 15 SP4-LTSSopenSUSE Leap 15.5SUSE Enterprise Storage 7.1SUSE Linux Enterprise Server 15 SP3-LTSSSUSE Linux Enterprise Server 15 SP4-LTSSSUSE Linux Enterprise Server for SAP Applications 15 SP5SUSE Linux Enterprise Server 15 SP5SUSE Manager Server 4.3Container suse/manager/5.0/x86_64/server:5.0.0-beta1.2.122
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2018-17956
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-3.3||LOW
EPSS-0.04% / 14.36%
||
7 Day CHG~0.00%
Published-15 Mar, 2019 | 20:00
Updated-17 Sep, 2024 | 02:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Password exposed in process listing

In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list

Action-Not Available
Vendor-openSUSESUSE
Product-yast2-samba-provisionyast2-samba-provision
CWE ID-CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
CVE-2018-17954
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-8
Assigner-OpenText (formerly Micro Focus)
CVSS Score-9.3||CRITICAL
EPSS-0.04% / 13.06%
||
7 Day CHG~0.00%
Published-03 Apr, 2020 | 07:05
Updated-16 Sep, 2024 | 20:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
crowbar provision leaks admin password to all nodes in cleartext

An Improper Privilege Management in crowbar of SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 8, SUSE OpenStack Cloud Crowbar 9 allows root users on any crowbar managed node to cause become root on any other node. This issue affects: SUSE OpenStack Cloud 7 crowbar-core versions prior to 4.0+git.1578392992.fabfd186c-9.63.1, crowbar-. SUSE OpenStack Cloud 8 ardana-cinder versions prior to 8.0+git.1579279939.ee7da88-3.39.3, ardana-. SUSE OpenStack Cloud 9 ardana-ansible versions prior to 9.0+git.1581611758.f694f7d-3.16.1, ardana-. SUSE OpenStack Cloud Crowbar 8 crowbar-core versions prior to 5.0+git.1582968668.1a55c77c5-3.35.4, crowbar-. SUSE OpenStack Cloud Crowbar 9 crowbar-core versions prior to 6.0+git.1582892022.cbd70e833-3.19.3, crowbar-.

Action-Not Available
Vendor-SUSE
Product-openstack_cloud_crowbaropenstack_cloudSUSE OpenStack Cloud Crowbar 8SUSE OpenStack Cloud Crowbar 9SUSE OpenStack Cloud 7SUSE OpenStack Cloud 9SUSE OpenStack Cloud 8
CWE ID-CWE-269
Improper Privilege Management
CVE-2019-3688
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-5.1||MEDIUM
EPSS-0.06% / 18.26%
||
7 Day CHG~0.00%
Published-07 Oct, 2019 | 14:00
Updated-16 Sep, 2024 | 23:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
squid: /usr/sbin/pinger packaged with wrong permission

The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and including 3.5.21-26.17.1 had squid:root, 0750 permissions. This allowed an attacker that compromissed the squid user to gain persistence by changing the binary

Action-Not Available
Vendor-SUSE
Product-suse_linux_enterprise_serverSUSE Linux Enterprise Server 15SUSE Linux Enterprise Server 12
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-3687
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-4||MEDIUM
EPSS-0.08% / 24.14%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 08:25
Updated-16 Sep, 2024 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
"easy" permission profile allows everyone execute dumpcap and read all network traffic

The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the "easy" permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab7f8602d3163786d57344439 to 081d081dcfaf61710bda34bc21c80c66276119aa.

Action-Not Available
Vendor-SUSE
Product-linux_enterprise_serverSUSE Linux Enterprise Server
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-3689
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-5.1||MEDIUM
EPSS-0.34% / 56.93%
||
7 Day CHG~0.00%
Published-19 Sep, 2019 | 13:27
Updated-17 Sep, 2024 | 04:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
nfs-utils: root-owned files stored in insecure /var/lib/nfs directory

The nfs-utils package in SUSE Linux Enterprise Server 12 before and including version 1.3.0-34.18.1 and in SUSE Linux Enterprise Server 15 before and including version 2.1.1-6.10.2 the directory /var/lib/nfs is owned by statd:nogroup. This directory contains files owned and managed by root. If statd is compromised, it can therefore trick processes running with root privileges into creating/overwriting files anywhere on the system.

Action-Not Available
Vendor-linux-nfsSUSE
Product-linux_enterprise_servernfs-utilsSUSE Linux Enterprise Server 15SUSE Linux Enterprise Server 12
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2019-18900
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-4||MEDIUM
EPSS-0.10% / 27.10%
||
7 Day CHG~0.00%
Published-24 Jan, 2020 | 15:15
Updated-16 Sep, 2024 | 20:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libzypp stores cookies world readable

: Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allowed local attackers to read a cookie store used by libzypp, exposing private cookies. This issue affects: SUSE CaaS Platform 3.0 libzypp versions prior to 16.21.2-27.68.1. SUSE Linux Enterprise Server 12 libzypp versions prior to 16.21.2-2.45.1. SUSE Linux Enterprise Server 15 17.19.0-3.34.1.

Action-Not Available
Vendor-openSUSESUSE
Product-caas_platformlibzyppsuse_linux_enterprise_serverCaaS Platform 3.0SUSE Linux Enterprise Server 15SUSE Linux Enterprise Server 12
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2023-22651
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-9.9||CRITICAL
EPSS-0.37% / 59.11%
||
7 Day CHG~0.00%
Published-04 May, 2023 | 07:53
Updated-29 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper Privilege Management vulnerability in SUSE Rancher allows Privilege Escalation. A failure in the update logic of Rancher's admission Webhook may lead to the misconfiguration of the Webhook. This component enforces validation rules and security checks before resources are admitted into the Kubernetes cluster. The issue only affects users that upgrade from 2.6.x or 2.7.x to 2.7.2. Users that did a fresh install of 2.7.2 (and did not follow an upgrade path) are not affected.

Action-Not Available
Vendor-SUSE
Product-rancherRancher
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-49504
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-7||HIGH
EPSS-0.09% / 25.87%
||
7 Day CHG~0.00%
Published-13 Nov, 2024 | 14:44
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
grub2 allows bypassing TPM-bound disk encryption on SL(E)M encrypted Images

grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.

Action-Not Available
Vendor-SUSE
Product-openSUSE Tumbleweedopensuse_tumbleweed
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2022-31251
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-6.5||MEDIUM
EPSS-0.03% / 9.80%
||
7 Day CHG~0.00%
Published-07 Sep, 2022 | 08:55
Updated-17 Sep, 2024 | 01:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
slurm: %post for slurm-testsuite operates as root in user owned directory

A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.

Action-Not Available
Vendor-openSUSESUSE
Product-factoryopenSUSE Factory
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2021-25317
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-3.3||LOW
EPSS-0.10% / 27.42%
||
7 Day CHG~0.00%
Published-05 May, 2021 | 09:35
Updated-17 Sep, 2024 | 00:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
cups: ownership of /var/log/cups allows the lp user to create files as root

A Incorrect Default Permissions vulnerability in the packaging of cups of SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Manager Server 4.0, SUSE OpenStack Cloud Crowbar 9; openSUSE Leap 15.2, Factory allows local attackers with control of the lp users to create files as root with 0644 permissions without the ability to set the content. This issue affects: SUSE Linux Enterprise Server 11-SP4-LTSS cups versions prior to 1.3.9. SUSE Manager Server 4.0 cups versions prior to 2.2.7. SUSE OpenStack Cloud Crowbar 9 cups versions prior to 1.7.5. openSUSE Leap 15.2 cups versions prior to 2.2.7. openSUSE Factory cups version 2.3.3op2-2.1 and prior versions.

Action-Not Available
Vendor-Fedora ProjectopenSUSESUSE
Product-linux_enterprise_serverfactorycupsmanager_serverfedoraopenstack_cloud_crowbarleapFactorySUSE OpenStack Cloud Crowbar 9SUSE Manager Server 4.0openSUSE Leap 15.2SUSE Linux Enterprise Server 11-SP4-LTSS
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-27264
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-7.4||HIGH
EPSS-0.04% / 13.79%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 19:21
Updated-30 Jun, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Performance Tools for i privilege escalation

IBM Performance Tools for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 284563.

Action-Not Available
Vendor-IBM Corporation
Product-ii
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-284
Improper Access Control
CVE-2021-47761
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.02% / 6.74%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 15:52
Updated-16 Jan, 2026 | 15:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MilleGPG5 5.7.2 Luglio 2021 (x64) - Local Privilege Escalation

MilleGPG5 5.7.2 contains a local privilege escalation vulnerability that allows authenticated users to modify service executable files in the MariaDB bin directory. Attackers can replace the mysqld.exe with a malicious executable, which will execute with system privileges when the computer restarts.

Action-Not Available
Vendor-Millegpg
Product-MilleGPG5
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2016-3943
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.19% / 41.18%
||
7 Day CHG~0.00%
Published-18 Apr, 2016 | 15:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Panda Endpoint Administration Agent before 7.50.00, as used in Panda Security for Business products for Windows, uses a weak ACL for the Panda Security/WaAgent directory and sub-directories, which allows local users to gain SYSTEM privileges by modifying an executable module.

Action-Not Available
Vendor-n/aWatchGuard Technologies, Inc.
Product-panda_endpoint_administration_agentn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-25958
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 10.75%
||
7 Day CHG~0.00%
Published-26 Mar, 2024 | 15:18
Updated-28 Jan, 2025 | 18:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell Grab for Windows, versions up to and including 5.0.4, contain Weak Application Folder Permissions vulnerability. A local authenticated attacker could potentially exploit this vulnerability, leading to privilege escalation, unauthorized access to application data, unauthorized modification of application data and service disruption.

Action-Not Available
Vendor-Dell Inc.
Product-grabGrab for Windowsgrab_for_windows
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-21532
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-7.8||HIGH
EPSS-0.17% / 38.73%
||
7 Day CHG~0.00%
Published-21 Jan, 2025 | 20:53
Updated-26 Feb, 2026 | 19:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics (component: Install). Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Analytics Desktop executes to compromise Oracle Analytics Desktop. Successful attacks of this vulnerability can result in takeover of Oracle Analytics Desktop. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle Corporation
Product-analytics_desktopOracle Analytics Desktop
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2016-5425
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-11.55% / 93.80%
||
7 Day CHG~0.00%
Published-13 Oct, 2016 | 14:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.

Action-Not Available
Vendor-n/aThe Apache Software FoundationRed Hat, Inc.Oracle Corporation
Product-instantis_enterprisetrackenterprise_linux_serverenterprise_linux_workstationtomcatenterprise_linux_server_tusenterprise_linux_desktopenterprise_linux_server_euslinuxenterprise_linux_server_ausn/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-22428
Matching Score-4
Assigner-Dell
ShareView Details
Matching Score-4
Assigner-Dell
CVSS Score-7||HIGH
EPSS-0.05% / 14.61%
||
7 Day CHG~0.00%
Published-16 Jan, 2024 | 04:02
Updated-13 Nov, 2024 | 20:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. Dell recommends customers upgrade at the earliest opportunity.

Action-Not Available
Vendor-Dell Inc.
Product-emc_idrac_service_moduleiDRAC Service Module (iSM)
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-21116
Matching Score-4
Assigner-Oracle
ShareView Details
Matching Score-4
Assigner-Oracle
CVSS Score-7.8||HIGH
EPSS-0.20% / 42.18%
||
7 Day CHG~0.00%
Published-16 Apr, 2024 | 21:26
Updated-09 Jun, 2025 | 17:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Action-Not Available
Vendor-Oracle CorporationLinux Kernel Organization, Inc
Product-vm_virtualboxlinux_kernelVM VirtualBox
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-13188
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.07% / 20.60%
||
7 Day CHG~0.00%
Published-08 Jan, 2025 | 19:00
Updated-09 Oct, 2025 | 20:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MicroWorld eScan Antivirus Installation var default permission

A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as critical. Affected by this issue is some unknown functionality of the file /opt/MicroWorld/var/ of the component Installation Handler. The manipulation leads to incorrect default permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-escanavMicroWorld
Product-escan_anti-viruseScan Antivirus
CWE ID-CWE-266
Incorrect Privilege Assignment
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-29504
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.10%
||
7 Day CHG~0.00%
Published-03 Apr, 2025 | 00:00
Updated-15 Oct, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insecure Permission vulnerability in student-manage 1 allows a local attacker to escalate privileges via the Unsafe permission verification.

Action-Not Available
Vendor-huang-ykn/a
Product-student-managen/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-11598
Matching Score-4
Assigner-Ivanti
ShareView Details
Matching Score-4
Assigner-Ivanti
CVSS Score-7.8||HIGH
EPSS-0.34% / 57.34%
||
7 Day CHG~0.00%
Published-11 Dec, 2024 | 16:50
Updated-23 Jan, 2025 | 20:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Under specific circumstances, insecure permissions in Ivanti Application Control before version 2024.3 HF1, 2024.1 HF2, or 2023.3 HF3 allows a local authenticated attacker to achieve local privilege escalation.

Action-Not Available
Vendor-Ivanti Software
Product-application_controlApplication Control
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-11624
Matching Score-4
Assigner-Google Devices
ShareView Details
Matching Score-4
Assigner-Google Devices
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.39%
||
7 Day CHG~0.00%
Published-03 Jan, 2025 | 03:28
Updated-03 Jan, 2025 | 23:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

there is a possible to add apps to bypass VPN due to Undeclared Permission . This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-Android
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2024-1155
Matching Score-4
Assigner-National Instruments
ShareView Details
Matching Score-4
Assigner-National Instruments
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.49%
||
7 Day CHG~0.00%
Published-20 Feb, 2024 | 14:34
Updated-12 Feb, 2025 | 18:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Incorrect permissions for shared NI SystemLink Elixir based services

Incorrect permissions in the installation directories for shared SystemLink Elixir based services may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-emersonNI
Product-specification_compliance_managerflexloggersystemlink_serverlabview_nxgg_web_development_softwarestatic_test_software_suitedata_record_adsts_software_bundleSystemLink ServerFlexLogger
CWE ID-CWE-276
Incorrect Default Permissions
CWE ID-CWE-863
Incorrect Authorization
CVE-2020-13770
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.29%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 17:38
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Several services are accessing named pipes in Ivanti Endpoint Manager through 2020.1.1 with default or overly permissive security attributes; as these services run as user ‘NT AUTHORITY\SYSTEM’, the issue can be used to escalate privileges from a local standard or service account having SeImpersonatePrivilege (eg. user ‘NT AUTHORITY\NETWORK SERVICE’).

Action-Not Available
Vendor-n/aIvanti Software
Product-endpoint_managern/a
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2020-13554
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.8||HIGH
EPSS-0.04% / 14.17%
||
7 Day CHG~0.00%
Published-03 Mar, 2021 | 16:14
Updated-04 Aug, 2024 | 12:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable local privilege elevation vulnerability exists in the file system permissions of Advantech WebAccess/SCADA 9.0.1 installation. In webvrpcs Run Key Privilege Escalation in installation folder of WebAccess, an attacker can either replace binary or loaded modules to execute code with NT SYSTEM privilege.

Action-Not Available
Vendor-n/aAdvantech (Advantech Co., Ltd.)
Product-webaccess\/scadaAdvantech
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-24914
Matching Score-4
Assigner-Tenable Network Security, Inc.
ShareView Details
Matching Score-4
Assigner-Tenable Network Security, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 20.40%
||
7 Day CHG~0.00%
Published-18 Apr, 2025 | 18:18
Updated-15 Apr, 2026 | 00:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Priviledge Escalation

When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location. - CVE-2025-24914

Action-Not Available
Vendor-Tenable, Inc.
Product-Nessus
CWE ID-CWE-276
Incorrect Default Permissions
CVE-2025-23105
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.37%
||
7 Day CHG~0.00%
Published-02 Jun, 2025 | 00:00
Updated-13 Jun, 2025 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Samsung Mobile Processor Exynos 2200, 1480, and 2400. A Use-After-Free in the mobile processor leads to privilege escalation.

Action-Not Available
Vendor-n/aSamsung
Product-exynos_2400_firmwareexynos_2200exynos_2200_firmwareexynos_1480exynos_2400exynos_1480_firmwaren/a
CWE ID-CWE-276
Incorrect Default Permissions
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 8
  • 9
  • Next
Details not found