administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypa…

The XML-RPC server in supervisor before 3.0.1, 3.1.x before 3.1.4, 3.2.x before 3.2.4, and 3.3.…

SolarView Compact <= 6.0 is vulnerable to Insecure Permissions. Any file on the server can be r…

Kramer VIAware 2.5.0719.1034 has Incorrect Access Control.

An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.…

Potential security vulnerabilities have been identified in an OMEN Gaming Hub SDK package which…

Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an attac…

The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the accep…

The vCenter Server contains an information disclosure vulnerability due to improper permission …

An access control issue in the component formDMZ.cgi of D-Link 816A2_FWv1.10CNB05_R1B011D88210 …

An issue was discovered in Vaultwarden (formerly Bitwarden_RS) 1.30.3. A vulnerability has been…

**UNSUPPORTED WHEN ASSIGNED** Insecure default credentials for the Telnet function in the legac…

eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 through 3.51.6 allow Remote …

The default permissions of /dev/kmem in Linux versions before 2.0.36 allows IP spoofing.

PowerJob V4.3.1 is vulnerable to Insecure Permissions. via the list job interface.

Sonatype Nexus Repository Manager 3.x up to and including 3.21.2 has Incorrect Access Control.

Puppet Server and PuppetDB provide useful performance and debugging information via their metri…

INSTEON Hub 2242-222 lacks Web and API authentication

Remote attackers may delete arbitrary files in a system hosting a JSPWiki instance, versions up…

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legit…

A vulnerability in the client update process of Cisco AnyConnect Secure Mobility Client Softwar…

Millennium Millewin (also known as "Cartella clinica") 13.39.028, 13.39.28.3342, and 13.39.146.…

Incorrect File Permissions in Nagios XI 5.7.5 and earlier and Nagios Fusion 4.1.8 and earlier a…

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (w…

Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 an…

An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authentic…

Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to …

In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow f…

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and poss…

The web management console of CheckMK Raw Edition (versions 1.5.0 to 1.6.0) allows a misconfigu…

Nagios XI before 5.8.5 has Incorrect Permission Assignment for repairmysql.sh.

Nagios XI before 5.8.5 has Incorrect Permission Assignment for migrate.php.

An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a defau…

fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash…

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (w…

In XeroSecurity Sn1per 9.0 (free version), insecure directory permissions (0777) are set during…

D-Link DSL-G2452DG HW:T1\\tFW:ME_2.00 was discovered to contain insecure permissions.

In IXP EasyInstall 6.2.13723, there is Remote Code Execution via weak permissions on the Engine…

Laundry Booking Management System 1.0 (Latest) and previous versions are affected by a remote c…

The administrative UI component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO Jasp…