6 matches found
CVE-2023-0944
Bhima version 1.27.0 allows an authenticated attacker with regular user permissions to update arbitrary user session data such as username, email and password. This is possible because the application is vulnerable to IDOR: it does not correctly validate user permissions with respect to certain...
CVE-2023-0944
| creationtimestamp | type | source |
|---|---|---|
| 2023-04-06 00:26:43+00:00 | seen | https://t.me/cibsecurity/61514 |
| 2025-02-14 10:09:22+00:00 | seen | Telegram/nlkqkBLwRbGhOW97RbK4xP-pvnoUE6zKsiWANVMMFYGGsvtg... |
CVE-2023-0944
Bhima version 1.27.0 allows an authenticated attacker with regular user permissions to update arbitrary user session data such as username, email and password. This is possible because the application is vulnerable to IDOR: it does not correctly validate user permissions with respect to certain...
CVE-2023-0944
Bhima version 1.27.0 allows an authenticated attacker with regular user permissions to update arbitrary user session data such as username, email and password. This is possible because the application is vulnerable to IDOR: it does not correctly validate user permissions with respect to certain...
CVE-2023-0944
CVE-2023-0944 affects Bhima 1.27.0. An authenticated user with regular permissions can perform an IDOR to update arbitrary user session data (e.g., username, email, password) due to improper permission validation for certain actions. The connected documents describe the vulnerability and impact b...
RHEL 7 : kernel (RHSA-2023:0944)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:0944 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in do_proc_dointvec and...