CWE-CWE-275 CVE

Filtered by CWE-275

Total 102 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2013-3703	1 Opensuse	1 Open Build Service	2024-11-21	4.0 MEDIUM	8.8 HIGH
The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allowing an authenticated attacker to add or remove user roles from packages and/or project meta data.
CVE-2012-5628	1 Gofer Project	1 Gofer	2024-11-21	3.6 LOW	4.4 MEDIUM
gofer before 0.68 uses world-writable permissions for /var/lib/gofer/journal/watchdog, which allows local users to cause a denial of service by removing journal entries.

Vulnerabilities (CVE)