Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
umask project umask vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2021-31155
Failure to normalize the umask in please prior to 0.4 allows a local malicious user to gain full root privileges if they are allowed to execute at least one command.
Umask Project Umask
7.2
CVSSv2
CVE-2015-5723
Doctrine Annotations prior to 1.2.7, Cache prior to 1.3.2 and 1.4.x prior to 1.4.2, Common prior to 2.4.3 and 2.5.x prior to 2.5.1, ORM prior to 2.4.8 or 2.5.x prior to 2.5.1, MongoDB ODM prior to 1.0.2, and MongoDB ODM Bundle prior to 3.0.1 use world-writable permissions for cac...
Zend Zend-cache 2.5.1
Zend Zend-cache 2.5.0
Zend Zend-cache 2.5.2
Zend Zend-cache
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Doctrine-project Object Relational Mapper 2.5.0
Doctrine-project Object Relational Mapper
Doctrine-project Doctrinemongodbbundle 3.0.0
Zend Zend Framework
Doctrine-project Common
Doctrine-project Common 2.5.0
Doctrine-project Annotations
Doctrine-project Mongodb-odm
Doctrine-project Cache 1.4.0
Doctrine-project Cache 1.4.1
Doctrine-project Cache
Zend Zf-apigility-doctrine
1 Github repository
7.2
CVSSv2
CVE-2007-4573
The IA32 system call emulation functionality in Linux kernel 2.4.x and 2.6.x prior to 2.6.22.7, when running on the x86_64 architecture, does not zero extend the eax register after the 32bit entry path to ptrace is used, which might allow local users to gain privileges by trigger...
Linux Linux Kernel
2 EDB exploits
5.5
CVSSv2
CVE-2018-14348
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
Libcgroup Project Libcgroup
Debian Debian Linux 8.0
Fedoraproject Fedora 28
5
CVSSv2
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
308 Github repositories
4 Articles
4.9
CVSSv2
CVE-2007-3731
The Linux kernel 2.6.20 and 2.6.21 does not properly handle an invalid LDT segment selector in %cs (the xcs field) during ptrace single-step operations, which allows local users to cause a denial of service (NULL dereference and OOPS) via certain code that makes ptrace PTRACE_SET...
Linux Linux Kernel 2.6.21
Linux Linux Kernel 2.6.20
4.7
CVSSv2
CVE-2007-3739
mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not prevent stack expansion from entering into reserved kernel page memory, which allows local users to cause a denial of service (OOPS) via unspecified vectors.
Redhat Enterprise Linux 5.0
4.6
CVSSv2
CVE-2013-2027
Jython 2.2.1 uses the current umask to set the privileges of the class cache files, which allows local users to bypass intended access restrictions via unspecified vectors.
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
Jython Project Jython 2.2.1
4.6
CVSSv2
CVE-2005-3148
StoreBackup prior to 1.19 does not properly set the uid and guid for symbolic links (1) that are backed up by storeBackup.pl, or (2) recovered by storeBackupRecover.pl, which could cause files to be restored with incorrect ownership.
Storebackup Storebackup 1.13
Storebackup Storebackup 1.14
Storebackup Storebackup 1.15
Storebackup Storebackup 1.16
Storebackup Storebackup 1.6
Storebackup Storebackup 1.7
Storebackup Storebackup 1.8
Storebackup Storebackup 1.8.1
Storebackup Storebackup 1.9
Storebackup Storebackup 1.10.1
Storebackup Storebackup 1.12
Storebackup Storebackup 1.12.2
Storebackup Storebackup 1.16.1
Storebackup Storebackup 1.17
Storebackup Storebackup 1.3
Storebackup Storebackup 1.5
Storebackup Storebackup 1.1
Storebackup Storebackup 1.10
Storebackup Storebackup 1.18.1
Storebackup Storebackup 1.18.2
Storebackup Storebackup 1.18.3
Storebackup Storebackup 1.18.4
4.4
CVSSv2
CVE-2007-3740
The CIFS filesystem in the Linux kernel prior to 2.6.22, when Unix extension support is enabled, does not honor the umask of a process, which allows local users to gain privileges.
Linux Linux Kernel 2.2.27
Linux Linux Kernel 2.6.21.5
Linux Linux Kernel 2.6.20.21
Linux Linux Kernel 2.6.18
Linux Linux Kernel 2.6.20.16
Linux Linux Kernel 2.4.36.2
Linux Linux Kernel 2.6.21.6
Linux Linux Kernel 2.4.36.6
Linux Linux Kernel 2.6.19.7
Linux Linux Kernel 2.6.19.4
Linux Linux Kernel 2.4.36
Linux Linux Kernel 2.4.36.3
Linux Linux Kernel 2.6.20.20
Linux Linux Kernel 2.6.20.19
Linux Linux Kernel 2.6.19.6
Linux Linux Kernel 2.4.36.5
Linux Linux Kernel 2.4.36.1
Linux Linux Kernel 2.6.20.18
Linux Linux Kernel 2.6.20.17
Linux Linux Kernel 2.6.19.5
Linux Linux Kernel 2.6
Linux Linux Kernel 2.4.36.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »