3979 matches found
Incorrect Privilege Assignment in Jenkins Script Security Plugin
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.61 and earlier related to the handling of type casts allowed attackers to execute arbitrary code in sandboxed scripts...
CVE-2019-3849
A vulnerability was found in moodle before versions 3.6.3, 3.5.5 and 3.4.8. Users could assign themselves an escalated role within courses or content accessed via LTI, by modifying the request to the LTI publisher site...
CVE-2019-14828
A vulnerability was found in Moodle where users with the capability to create courses were assigned as a teacher in those courses, regardless of whether they had the capability to be automatically assigned that role...
Spree does not properly restrict the use of a hash to provide values for a model's attributes
Spree 0.2.0 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a "mass assignment" vulnerability...
GHSA-7H48-M3RW-VR27 Spree does not properly restrict the use of a hash to provide values for a model's attributes
Spree 0.2.0 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a "mass assignment" vulnerability...
spree_auth_devise allows remote authenticated users to assign themselves arbitrary roles
app/models/spree/user.rb in spreeauthdevise in Spree 1.1.x before 1.1.6, 1.2.x, and 1.3.x does not perform mass assignment safely when updating a user, which allows remote authenticated users to assign arbitrary roles to themselves...
GHSA-5FJ8-WH3G-QVQ2 TYPO3 is vulnerable to Mass Assignment in the Extension table administration library
The creating record functionality in Extension table administration library feuseradminLib.inc in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass...
TYPO3 is vulnerable to Mass Assignment in the Extension table administration library
The creating record functionality in Extension table administration library feuseradminLib.inc in TYPO3 4.5.0 through 4.5.31, 4.7.0 through 4.7.16, and 6.0.0 through 6.0.11 allows remote attackers to write to arbitrary fields in the configuration database table via crafted links, aka "Mass...
Moodle Cross-site Scripting in assignment submission page
In Moodle 3.x, there is Cross-site Scripting in the assignment submission page...
GHSA-6R76-F8C8-FH7P Moodle Cross-site Scripting in assignment submission page
In Moodle 3.x, there is Cross-site Scripting in the assignment submission page...
The vulnerability of the Redis database management system, related to pointer assignment errors, allows attackers to trigger a service failure.
The vulnerability of the Redis database management system is related to errors in pointer assignment. Exploiting this vulnerability can allow an attacker to trigger a service failure using a specially crafted Lua script...
Incorrect Privilege Assignment in Jinja2
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with jinja2 in /tmp...
GHSA-8R7Q-CVJQ-X353 Incorrect Privilege Assignment in Jinja2
The default configuration for bccache.FileSystemBytecodeCache in Jinja2 before 2.7.2 does not properly create temporary files, which allows local users to gain privileges via a crafted .cache file with a name starting with jinja2 in /tmp...
Incorrect Privilege Assignment in RESTEasy
RESTEasy 2.3.1 before 2.3.8.SP2 and 3.x before 3.0.9, as used in Red Hat JBoss Enterprise Application Platform EAP 6.3.0, does not disable external entities when the resteasy.document.expand.entity.references parameter is set to false, which allows remote attackers to read arbitrary files and hav...
GHSA-QJPQ-5PQ3-43RR Incorrect Privilege Assignment in RESTEasy
RESTEasy 2.3.1 before 2.3.8.SP2 and 3.x before 3.0.9, as used in Red Hat JBoss Enterprise Application Platform EAP 6.3.0, does not disable external entities when the resteasy.document.expand.entity.references parameter is set to false, which allows remote attackers to read arbitrary files and hav...
Incorrect Permission Assignment for Critical Resource in NPM
An issue was discovered in an npm 5.7.0 2018-02-21 pre-release marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status. It might allow local users to bypass intended filesystem...
GHSA-PH34-PC88-72GC Incorrect Permission Assignment for Critical Resource in NPM
An issue was discovered in an npm 5.7.0 2018-02-21 pre-release marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status. It might allow local users to bypass intended filesystem...
Phusion Passenger incorrect permission assignment
An issue was discovered in switchGroup in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups gidset is not set correctly, leaving it up to randomness i.e., uninitialized memory which supplementary groups are actually being set while lowering privileges...
GHSA-4284-JFHC-F854 Phusion Passenger incorrect permission assignment
An issue was discovered in switchGroup in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups gidset is not set correctly, leaving it up to randomness i.e., uninitialized memory which supplementary groups are actually being set while lowering privileges...
GHSA-XJX9-7C29-PWMM Moodle Improper Privilege Management
An issue was discovered in Moodle 3.x. Students who submitted assignments and exported them to portfolios can download any stored Moodle file by changing the download URL...