incron 0.5.5 does not initialize supplementary groups when running a process from a user's incrontabs, which causes the process to be run with the incrond supplementary groups and allows local users to gain privileges via an incrontab table.
Max CVSS
4.6
EPSS Score
0.04%
Published
2009-10-08
Updated
2009-10-08
Unspecified vulnerability in inotify before 0.3.5 has unknown impact and attack vectors, related to "access rights to watched files."
Max CVSS
2.1
EPSS Score
0.06%
Published
2007-01-31
Updated
2011-03-08
2 vulnerabilities found