3981 matches found
CVE-2022-2626
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6...
Design/Logic Flaw
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6...
CVE-2022-2626 Incorrect Privilege Assignment in hestiacp/hestiacp
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6...
CVE-2022-2626 Incorrect Privilege Assignment in hestiacp/hestiacp
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6...
CVE-2022-2626
CVE-2022-2626 affects hestiacp/hestiacp prior to 1.6.6. The issue is incorrect privilege assignment that can escalate privileges (admin user) to root due to sudo rights, enabling unauthorized actions with high impact. Reported details indicate the admin account can run root-level commands via sud...
hestiacp security vulnerability
hestiacp is a lightweight and powerful control panel for modern networks. A security vulnerability exists in hestiacp versions prior to 1.6.6 that stems from incorrect privilege assignment...
[SECURITY] Fedora 36 Update: golang-x-tools-0.1.10-3.fc36
This package holds the source for various tools that support the Go programming language. Some of the tools, godoc and vet for example, are included in binary Go distributions. Others, including the Go guru and the test coverage tool, can be fetched with go get. Packages include a type-checker f...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none...
CVE-2021-22648 Ovarro TBox Incorrect Permission Assignment for Critical Resource
Ovarro TBox proprietary Modbus file access functions allow attackers to read, alter, or delete the configuration file...
CVE-2022-1655
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and...
CVE-2022-1655
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and...
Design/Logic Flaw
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and...
CVE-2022-1655
CVE-2022-1655 affects Horizon on Red Hat OpenStack. The underlying issue is incorrect permission handling for critical resources: Horizon session cookies are created without the HttpOnly flag even when HorizonSecureCookies is true. This could lead to confidentiality/integrity risks for user se...
CVE-2022-1655
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confidentiality and...
CVE-2022-34737
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...
CVE-2022-34737
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...
Security feature bypass
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...
Oracle Linux 8 : go-toolset:ol8addon (ELSA-2022-17956)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-17956 advisory. go-toolset 1.18.3-1 - Update to golang 1.18.3 golang 1.18.3-1.0.1 - Rebase to 1.18.3 by adding upstream patches to the 1.18.0 openssl-fips - Modify...
CVE-2022-34737
CVE-2022-34737 affects Huawei HarmonyOS 2.0's application security module, with a vulnerability in permission assignment. The root cause is an incorrect privilege assignment in the module, which could allow an attacker to compromise data integrity and confidentiality. Connected sources (Red Hat, ...