CVE-2022-31251

MEDIUM Year: 2022
CVSS v3 Score
6.3
Medium
Weakness Type
CWE-276
View all →

Vulnerability Description

A Incorrect Default Permissions vulnerability in the packaging of the slurm testsuite of openSUSE Factory allows local attackers with control over the slurm user to escalate to root. This issue affects: openSUSE Factory slurm versions prior to 22.05.2-3.3.

Related Vulnerabilities

CVE-2020-12075

MEDIUM
CVSS:6.3(Medium)

The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions.

CWE-2762020

CVE-2021-33333

MEDIUM
CVSS:6.3(Medium)

The Portal Workflow module in Liferay Portal 7.3.2 and earlier, and Liferay DXP 7.0 before fix pack 93, 7.1 before fix pack 19 and 7.2 before fix pack 6, does not properly check user permission, which...

CWE-2762021

CVE-2021-3948

MEDIUM
CVSS:6.3(Medium)

An incorrect default permissions vulnerability was found in the mig-controller. Due to an incorrect cluster namespaces handling an attacker may be able to migrate a malicious workload to the target cl...

CWE-2762021

CVE-2024-47240

MEDIUM
CVSS:6.3(Medium)

Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vulne...

CWE-2762024

CVE-2024-6640

MEDIUM
CVSS:6.3(Medium)

In ICMPv6 Neighbor Discovery (ND), the ID is always 0. When pf is configured to allow ND and block incoming Echo Requests, a crafted Echo Request packet after a Neighbor Solicitation (NS) can trigger ...

CWE-2762024

CVE-2012-5578

MEDIUM
CVSS:6.2(Medium)

Python keyring has insecure permissions on new databases allowing world-readable files to be created

CWE-2762012