3984 matches found
SUSE SLES15 Security Update : kernel (Live Patch 29 for SLE 15 SP2) (SUSE-SU-2022:3088-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3088-1 advisory. This update for the Linux Kernel 5.3.18-15020024126 fixes several issues. The following security issues were fixed: - CVE-2020-36516: Fixed an...
The vulnerability of the Trend Micro HouseCall antivirus protection tool for home networks relates to improper privilege assignment, allowing attackers to elevate their privileges.
The vulnerability of the Trend Micro HouseCall antivirus protection tool relates to the improper assignment of privileges. Exploiting this vulnerability can allow a remote attacker to increase their privileges...
SUSE SLES15 Security Update : kernel (Live Patch 1 for SLE 15 SP4) (SUSE-SU-2022:3072-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3072-1 advisory. This update for the Linux Kernel 5.14.21-1504002411 fixes several issues. The following security issues were fixed: - CVE-2020-36516: Fixed an...
CVE-2022-3063
CVE-2022-3063 entry is rejected and not used; this candidate has been removed to prevent accidental usage.
CVE-2022-3022
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2022-3022
DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2022-40155
DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2022-40154
DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...
Moodle Incorrect Authorization vulnerability
In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course...
CVE-2020-14321
In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course...
Design/Logic Flaw
The GitHub Actions ToolKit provides a set of packages to make creating actions easier. The core.exportVariable function uses a well known delimiter that attackers can use to break out of that specific variable and assign values to other arbitrary variables. Workflows that write untrusted values t...
Gitea allowed assignment of private issues
In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...
Gitea allowed assignment of private issues
In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...
CVE-2022-38183
In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...
CVE-2022-38183
In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...
CVE-2022-38183
In Gitea before 1.16.9, it was possible for users to add existing issues to projects. Due to improper access controls, an attacker could assign any issue to any project in Gitea there was no permission check for fetching the issue. As a result, the attacker would get access to private issue title...
Gitea 安全漏洞
Gitea is a lightweight Go-based git service developed by the Gitea community. A security vulnerability exists in Gitea versions prior to 1.16.9 that stems from improper access control. An attacker exploiting this vulnerability could assign any issue to any project in Gitea...
CVE-2022-37003
The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files...
Code injection
The AOD module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may cause permission escalation and unauthorized access to files...
CVE-2022-37003
CVE-2022-37003 concerns the AOD module of HarmonyOS, describing a vulnerability in permission assignment that can lead to privilege escalation and unauthorized access to files. Primary sources (NVD, Red Hat, CVE lists) consistently attribute the issue to incorrect permission handling in the AOD c...