3981 matches found

NVD
added 2022/08/05 9:15 a.m., 17 views

CVE-2022-2626

Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6...

9.1 CVSS, 0.01035 EPSS
Exploits: 1, References: 2
Prion
added 2022/08/05 9:15 a.m., 16 views

Design/Logic Flaw

Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6...

5.8 CVSS, 7 AI score, 0.01035 EPSS
Exploits: 1, References: 2, Affected Software: 1
Cvelist
added 2022/08/05 8:15 a.m., 18 views

CVE-2022-2626 Incorrect Privilege Assignment in hestiacp/hestiacp

Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6...

9.1 CVSS, 7.3 AI score, 0.01035 EPSS
Exploits: 1, References: 2
OSV
added 2022/08/05 8:15 a.m., 20 views

CVE-2022-2626 Incorrect Privilege Assignment in hestiacp/hestiacp

Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6...

9.1 CVSS, 8.4 AI score, 0.01035 EPSS
Exploits: 1, References: 4
CVE
added 2022/08/05 8:15 a.m., 63 views

CVE-2022-2626

CVE-2022-2626 affects hestiacp/hestiacp prior to 1.6.6. The issue is incorrect privilege assignment that can escalate privileges (admin user) to root due to sudo rights, enabling unauthorized actions with high impact. Reported details indicate the admin account can run root-level commands via sud...

9.1 CVSS, 7.3 AI score, 0.01035 EPSS
Exploits: 1, References: 2, Affected Software: 1
CNNVD
added 2022/08/05 12:0 a.m., 5 views

hestiacp security vulnerability

hestiacp is a lightweight and powerful control panel for modern networks. A security vulnerability exists in hestiacp versions prior to 1.6.6 that stems from incorrect privilege assignment...

9.1 CVSS, 7.9 AI score, 0.01035 EPSS
Exploits: 1, References: 3
Fedora
added 2022/07/31 1:37 a.m., 16 views

[SECURITY] Fedora 36 Update: golang-x-tools-0.1.10-3.fc36

This package holds the source for various tools that support the Go programming language. Some of the tools, godoc and vet for example, are included in binary Go distributions. Others, including the Go guru and the test coverage tool, can be fetched with go get. Packages include a type-checker f...

7.3 AI score
Exploits: 0
Prion
added 2022/07/28 5:15 p.m., 8 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none...

7 AI score
Exploits: 0
Prion
added 2022/07/28 5:15 p.m., 7 views

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none...

7 AI score
Exploits: 0
Vulnrichment
added 2022/07/28 2:18 p.m., 6 views

CVE-2021-22648 Ovarro TBox Incorrect Permission Assignment for Critical Resource

Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file...

8.8 CVSS, 9.4 AI score, 0.00724 EPSS
Exploits: 0, References: 1
NVD
added 2022/07/22 3:15 p.m., 32 views

CVE-2022-1655

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and...

6.5 CVSS, 0.00471 EPSS
Exploits: 0, References: 1
UbuntuCve
added 2022/07/22 3:15 p.m., 26 views

CVE-2022-1655

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and...

6.5 CVSS, 6.6 AI score, 0.00471 EPSS
Exploits: 0, References: 1
Prion
added 2022/07/22 3:15 p.m., 21 views

Design/Logic Flaw

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and...

6.4 CVSS, 6.5 AI score, 0.00471 EPSS
Exploits: 0, References: 1, Affected Software: 1
CVE
added 2022/07/22 2:54 p.m., 78 views

CVE-2022-1655

CVE-2022-1655 affects Horizon on Red Hat OpenStack. The underlying issue is an incorrect permission handling for critical resources: Horizon session cookies are created without the HttpOnly flag even when HorizonSecureCookies is true. This could lead to confidentiality/integrity risks for user se...

6.5 CVSS, 6.4 AI score, 0.00471 EPSS
Exploits: 0, References: 1, Affected Software: 1
Cvelist
added 2022/07/22 2:54 p.m., 36 views

CVE-2022-1655

An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and...

6.7 AI score, 0.00471 EPSS
Exploits: 0, References: 1
NVD
added 2022/07/12 2:15 p.m., 14 views

CVE-2022-34737

The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...

9.1 CVSS, 0.00548 EPSS
Exploits: 0, References: 2
OSV
added 2022/07/12 2:15 p.m., 3 views

CVE-2022-34737

The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...

9.1 CVSS, 5.8 AI score, 0.00548 EPSS
Exploits: 0, References: 2
Prion
added 2022/07/12 2:15 p.m., 16 views

Security feature bypass

The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...

6.4 CVSS, 9.1 AI score, 0.00548 EPSS
Exploits: 0, References: 2, Affected Software: 3
Tenable Nessus
added 2022/07/12 12:0 a.m., 75 views

Oracle Linux 8 : go-toolset:ol8addon (ELSA-2022-17956)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-17956 advisory. go-toolset 1.18.3-1 - Update to golang 1.18.3 golang 1.18.3-1.0.1 - Rebase to 1.18.3 by adding upstream patches to the 1.18.0 openssl-fips - Modify...

7.8 CVSS, 7.4 AI score, 0.05335 EPSS
Exploits: 4, References: 9
CVE
added 2022/07/11 1:53 p.m., 52 views

CVE-2022-34737

CVE-2022-34737 affects Huawei HarmonyOS 2.0's application security module, with a vulnerability in permission assignment. The root cause is an incorrect privilege assignment in the module, which could allow an attacker to compromise data integrity and confidentiality. Connected sources (Red Hat, ...

9.1 CVSS, 9.1 AI score, 0.00548 EPSS
Exploits: 0, References: 2, Affected Software: 3