Total
1480 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-29504 | 1 Huang-yk | 1 Student-manage | 2026-06-17 | N/A | 7.8 HIGH |
| Insecure Permission vulnerability in student-manage 1 allows a local attacker to escalate privileges via the Unsafe permission verification. | |||||
| CVE-2025-27926 | 1 Nintex | 1 Automation | 2026-06-17 | N/A | 4.3 MEDIUM |
| In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users. | |||||
| CVE-2025-27711 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| Incorrect default permissions for some Intel(R) One Boot Flash Update (Intel(R) OFU) software before version 14.1.31 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | |||||
| CVE-2025-27682 | 1 Printerlogic | 2 Vasion Print, Virtual Appliance | 2026-06-17 | N/A | 9.8 CRITICAL |
| Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 1.0.735 Application 20.0.1330 allows Insecure Log Permissions V-2022-005. | |||||
| CVE-2025-27677 | 1 Printerlogic | 2 Vasion Print, Virtual Appliance | 2026-06-17 | N/A | 9.8 CRITICAL |
| Vasion Print (formerly PrinterLogic) before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Symbolic Links For Unprivileged File Interaction V-2022-002. | |||||
| CVE-2025-27612 | 2026-06-17 | N/A | 5.9 MEDIUM | ||
| libcontainer is a library for container control. Prior to libcontainer 0.5.3, while creating a tenant container, the tenant builder accepts a list of capabilities to be added in the spec of tenant container. The logic here adds the given capabilities to all capabilities of main container if present in spec, otherwise simply set provided capabilities as capabilities of the tenant container. However, setting inherited caps in any case for tenant container can lead to elevation of capabilities, similar to CVE-2022-29162. This does not affect youki binary itself. This is only applicable if you are using libcontainer directly and using the tenant builder. | |||||
| CVE-2025-27559 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| Incorrect default permissions for some AI Playground software before version v2.3.0 alpha may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-27521 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 6.8 MEDIUM |
| Vulnerability of improper access permission in the process management module Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-27246 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| Incorrect default permissions for the Intel(R) Processor Identification Utility before version 8.0.43 within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an authenticated user combined with a high complexity attack may enable local code execution. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires active user interaction. The potential vulnerability may impact the confidentiality (high), integrity (high) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | |||||
| CVE-2025-27154 | 1 Spotipy Project | 1 Spotipy | 2026-06-17 | N/A | 9.8 CRITICAL |
| Spotipy is a lightweight Python library for the Spotify Web API. The `CacheHandler` class creates a cache file to store the auth token. Prior to version 2.25.1, the file created has `rw-r--r--` (644) permissions by default, when it could be locked down to `rw-------` (600) permissions. This leads to overly broad exposure of the spotify auth token. If this token can be read by an attacker (another user on the machine, or a process running as another user), it can be used to perform administrative actions on the Spotify account, depending on the scope granted to the token. Version 2.25.1 tightens the cache file permissions. | |||||
| CVE-2025-26470 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| Incorrect default permissions for some Intel(R) Distribution for Python software installers before version 2025.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2025-25535 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| HTTP Response Manipulation in SCRIPT CASE v.1.0.002 Build7 allows a remote attacker to escalate privileges via a crafted request. | |||||
| CVE-2025-24915 | 2026-06-17 | N/A | 7.8 HIGH | ||
| When installing Nessus Agent to a non-default location on a Windows host, Nessus Agent versions prior to 10.8.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location. | |||||
| CVE-2025-24914 | 2026-06-17 | N/A | 7.8 HIGH | ||
| When installing Nessus to a non-default location on a Windows host, Nessus versions prior to 10.8.4 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the non-default installation location. - CVE-2025-24914 | |||||
| CVE-2025-24891 | 2026-06-17 | N/A | 9.6 CRITICAL | ||
| Dumb Drop is a file upload application. Users with permission to upload to the service are able to exploit a path traversal vulnerability to overwrite arbitrary system files. As the container runs as root by default, there is no limit to what can be overwritten. With this, it's possible to inject malicious payloads into files ran on schedule or upon certain service actions. As the service is not required to run with authentication enabled, this may permit wholly unprivileged users root access. Otherwise, anybody with a PIN. | |||||
| CVE-2025-24864 | 2026-06-17 | N/A | 7.8 HIGH | ||
| Incorrect access permission of a specific folder issue exists in RemoteView Agent (for Windows) versions prior to v8.1.5.2. If this vulnerability is exploited, a non-administrative user on the remote PC may execute an arbitrary OS command with LocalSystem privilege. | |||||
| CVE-2025-24826 | 2026-06-17 | N/A | 6.7 MEDIUM | ||
| Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 4625. | |||||
| CVE-2025-24795 | 2 Linux, Snowflake | 2 Linux Kernel, Snowflake Connector | 2026-06-17 | N/A | 4.4 MEDIUM |
| The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. On Linux systems, when temporary credential caching is enabled, the Snowflake Connector for Python will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 2.3.7 through 3.13.0. Snowflake fixed the issue in version 3.13.1. | |||||
| CVE-2025-24790 | 2 Linux, Snowflake | 2 Linux Kernel, Snowflake Jdbc | 2026-06-17 | N/A | 4.4 MEDIUM |
| Snowflake JDBC provides a JDBC type 4 driver that supports core functionality, allowing Java program to connect to Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake JDBC Driver. On Linux systems, when temporary credential caching is enabled, the Snowflake JDBC Driver will cache temporary credentials locally in a world-readable file. This vulnerability affects versions 3.6.8 through 3.21.0. Snowflake fixed the issue in version 3.22.0. | |||||
| CVE-2025-24788 | 3 Apple, Linux, Snowflake | 3 Macos, Linux Kernel, Snowflake Connector | 2026-06-17 | N/A | 5.0 MEDIUM |
| snowflake-connector-net is the Snowflake Connector for .NET. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for .NET in which files downloaded from stages are temporarily placed in a world-readable local directory, making them accessible to unauthorized users on the same machine. This vulnerability affects versions 2.0.12 through 4.2.0 on Linux and macOS. Snowflake fixed the issue in version 4.3.0. | |||||