3979 matches found
A vulnerability in the Windows SMB network protocol implementation of the Microsoft operating system allows an attacker to cause a denial of service.
The vulnerability in the Windows SMB network protocol implementation in Microsoft Windows is related to the assignment of a null pointer. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...
Malicious code in agent-assignment (npm)
Source: ghsa-malware (217fcc369833f6ff3dc1d06acc53977e4efec8c7efca86e4811aa115598b353e). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2022-891 Malicious code in agent-assignment (npm)
Source: ghsa-malware (217fcc369833f6ff3dc1d06acc53977e4efec8c7efca86e4811aa115598b353e). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
VAmPI - Vulnerable REST API With OWASP Top 10 Vulnerabilities For Security Testing
The Vulnerable API Based on OpenAPI 3 VAmPI is a vulnerable API made with Flask and it includes vulnerabilities from the OWASP top 10 vulnerabilities for APIs. It was created as I wanted a vulnerable API to evaluate the efficiency of tools used to detect security issues in APIs. It includes a...
Trend Micro Proxy One Pro Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Proxy One Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the produc...
Splunk Security Vulnerability
Splunk is a suite of data collection and analysis software from Splunk, Inc. The software is primarily used to collect, index, and analyze the data it generates, including data generated by all IT systems and infrastructure (physical, virtual machines, and cloud). A resource privilege assignment err...
Siemens Xpedition Designer
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services |...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1791)
The remote host is missing an update for the Huawei EulerOS...
EulerOS 2.0 SP10 : kernel (EulerOS-SA-2022-1791)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows ...
CVE-2022-30832
Wedding Management System v1.0 is vulnerable to SQL Injection via /Wedding-Management/admin/clientassign.php?booking=31&userid=...
A vulnerability in the CLI component of the Cisco IOS XE operating system for Cisco Catalyst 9000 Series network devices allows an attacker to escalate their privileges or execute arbitrary commands.
The vulnerability in the CLI component of the Cisco IOS XE operating system for Cisco Catalyst 9000 Series network devices is related to privilege assignment errors. Exploiting this vulnerability can allow an attacker to escalate their privileges or execute arbitrary commands...
SUSE SLED15 / SLES15 Security Update : go1.17 (SUSE-SU-2022:1862-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:1862-1 advisory. - Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags...
CVE-2022-30700
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...
CVE-2022-30700
CVE-2022-30700 concerns Trend Micro Apex One and Apex One as a Service. The vulnerability is an incorrect permission assignment that lets a local attacker load a DLL with escalated privileges, requiring initial low-privilege code execution. The issue affects Apex One products and can lead to priv...
GHSA-C7RM-W2HJ-X8G3 Guard bypass in Eloquent models affecting Laravel illuminate database component
An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database component in some situations in which table names are stripped during a mass assignment...
Guard bypass in Eloquent models affecting Laravel illuminate database component
An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2. Unvalidated values are saved to the database component in some situations in which table names are stripped during a mass assignment...
GHSA-G9M2-C2X5-FR2V Moodle does not revoke role capabilities correctly
A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment was removed, the associated capabilities were not being revoked where applicable...
Moodle does not revoke role capabilities correctly
A vulnerability was found in Moodle versions 3.7.x before 3.7.3, 3.6.x before 3.6.7 and 3.5.x before 3.5.9. When a cohort role assignment was removed, the associated capabilities were not being revoked where applicable...
GHSA-H7XP-7FJP-GHHC Moodle Improper Access Control
A flaw was found in Moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment...
Moodle Improper Access Control
A flaw was found in Moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment...