CWE-732: CWE-732

This vulnerability in Oracle MySQL Server allows high-privileged attackers with network access to cause a denial of service (DoS) by crashing or hangi...

This vulnerability in Siemens Spectrum Power 4 allows attackers to modify the local database containing application credentials, potentially gaining a...

Acronis Cyber Protect Cloud Agent fails to delete credentials after plan revocation, leaving authentication data accessible. This affects all platform...

Nagios XI versions before 2024R1.4.2 have overly permissive systemd unit file permissions, specifically on nagios.service. This allows local attackers...

This CVE describes a macOS permissions vulnerability where applications can bypass file system protections and modify restricted areas. It affects mac...

This vulnerability allows Web Users in Fortra's GoAnywhere MFT who are configured for password-only SFTP authentication to bypass this restriction and...

CVE-2024-54159 is a local privilege escalation vulnerability in stalld (Starving CPUs and Latency Daemon) that allows local users to overwrite arbitra...

SINEMA Remote Connect Server versions before V3.2 SP4 store SSL/TLS private keys with insufficient protection, allowing any authenticated user with se...

Freedombox versions before 25.17.1 have improper permissions on the backups-data directory, allowing unauthorized users to read database dump files. T...

This CVE describes an insecure permission vulnerability in ibaPDA software that could allow attackers to perform unauthorized file system operations. ...

CVE-2025-69426 allows attackers to exploit hardcoded SSH credentials in Ruckus vRIoT IoT Controller firmware to gain root access through Docker contai...

AirVPN Eddie on macOS contains an insecure XPC service that allows local, unprivileged users to escalate privileges to root. This affects Eddie versio...

A local privilege escalation vulnerability in ASUS System Control Interface allows unprivileged users to copy files into protected system paths withou...