The VFS subsystem in the Linux kernel 3.x provides an incomplete set of requirements for setattr operations that underspecifies removing extended privilege attributes, which allows local users to caus...

Microsoft Windows 10 allows an elevation of privilege vulnerability when the Windows Update Delivery Optimization does not properly enforce file share permissions.

An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access ...

An issue was discovered in certain Apple products. iTunes before 12.7 is affected. The issue involves the "Data Sync" component. It allows attackers to access iOS backups (written by iTunes) via a cra...

A binary planting in SAP SQL Anywhere, before version 17.0, SAP IQ, before version 16.1, and SAP Dynamic Tier, before versions 1.0 and 2.0, can result in the inadvertent access of files located in dir...

Directory Indexing in Login Portal of Login Portal of TOTOLINK-A702R-V1.0.0-B20161227.1023 allows attacker to access /icons/ directories via GET Parameter.