Lucene search
K

3984 matches found

Tenable Nessus
Tenable Nessus
added 2022/09/08 12:0 a.m.53 views

SUSE SLES15 Security Update : kernel (Live Patch 29 for SLE 15 SP2) (SUSE-SU-2022:3088-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3088-1 advisory. This update for the Linux Kernel 5.3.18-15020024126 fixes several issues. The following security issues were fixed: - CVE-2020-36516: Fixed an...

7.8CVSS6.8AI score0.00678EPSS
Exploits1References7
BDU FSTEC
BDU FSTEC
added 2022/09/07 12:0 a.m.6 views

The vulnerability of the Trend Micro HouseCall antivirus protection tool for home networks relates to improper privilege assignment, allowing attackers to elevate their privileges.

The vulnerability of the Trend Micro HouseCall antivirus protection tool relates to the improper assignment of privileges. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

10CVSS7.2AI score0.00211EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.39 views

SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP4) (SUSE-SU-2022:3072-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3072-1 advisory. This update for the Linux Kernel 5.14.21-1504002411 fixes several issues. The following security issues were fixed: - CVE-2020-36516: Fixed an...

7.8CVSS7AI score0.05561EPSS
Exploits4References13
CVE
CVE
added 2022/08/30 10:5 a.m.41 views

CVE-2022-3063

CVE-2022-3063 entry is rejected and not used; this candidate has been removed to prevent accidental usage.

6.9AI score
Exploits0
NVD
NVD
added 2022/08/30 9:15 a.m.11 views

CVE-2022-3022

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...

Exploits0
ATTACKERKB
ATTACKERKB
added 2022/08/30 9:15 a.m.3 views

CVE-2022-3022

DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...

5.7AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/21 10:0 p.m.0 views

CVE-2022-40155

DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...

7.1AI score
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/19 10:0 p.m.2 views

CVE-2022-40154

DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...

7.1AI score
Exploits0References3
Github Security Blog
Github Security Blog
added 2022/08/17 12:0 a.m.19 views

Moodle Incorrect Authorization vulnerability

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course...

8.8CVSS6.6AI score0.16425EPSS
Exploits8References4Affected Software1
OSV
OSV
added 2022/08/16 9:15 p.m.34 views

CVE-2020-14321

In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course...

8.8CVSS6.6AI score
Exploits0References1
Prion
Prion
added 2022/08/15 11:21 a.m.54 views

Design/Logic Flaw

The GitHub Actions ToolKit provides a set of packages to make creating actions easier. The core.exportVariable function uses a well known delimiter that attackers can use to break out of that specific variable and assign values to other arbitrary variables. Workflows that write untrusted values t...

4CVSS5.2AI score0.00559EPSS
Exploits0References2Affected Software1
Github Security Blog
Github Security Blog
added 2022/08/13 12:0 a.m.29 views

Gitea allowed assignment of private issues

In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...

6.5CVSS7AI score0.0069EPSS
Exploits0References7Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2022/08/13 12:0 a.m.16 views

Gitea allowed assignment of private issues

In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...

6.5CVSS7AI score0.0069EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2022/08/12 8:15 p.m.14 views

CVE-2022-38183

In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...

6.5CVSS0.0069EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/08/12 8:15 p.m.3 views

CVE-2022-38183

In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...

6.5CVSS5.8AI score0.0069EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2022/08/12 8:15 p.m.31 views

CVE-2022-38183

In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...

6.5CVSS6.7AI score0.0069EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/12 12:0 a.m.4 views

Gitea 安全漏洞

Gitea is a lightweight Go-based git service developed by the Gitea community. A security vulnerability exists in Gitea versions prior to 1.16.9 that stems from improper access control. An attacker exploiting this vulnerability could assign any issue to any project in Gitea...

6.5CVSS6.1AI score0.0069EPSS
Exploits0References5
NVD
NVD
added 2022/08/10 8:16 p.m.28 views

CVE-2022-37003

The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files...

9.8CVSS0.00422EPSS
Exploits0References2
Prion
Prion
added 2022/08/10 8:16 p.m.17 views

Code injection

The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files...

7.5CVSS9.3AI score0.00422EPSS
Exploits0References2Affected Software3
CVE
CVE
added 2022/08/09 8:10 p.m.42 views

CVE-2022-37003

CVE-2022-37003 concerns the AOD module of HarmonyOS, describing a vulnerability in permission assignment that can lead to privilege escalation and unauthorized access to files. Primary sources (NVD, Red Hat, CVE lists) consistently attribute the issue to incorrect permission handling in the AOD c...

9.8CVSS9.3AI score0.00422EPSS
Exploits0References2Affected Software3
Rows per page
Query Builder