
3978 matches found

CVE
added 2022/04/11 8:5 p.m. | 275 views

CVE-2022-1316

CVE-2022-1316 affects zerotier/zerotierone prior to 1.8.8, with Local Privilege Escalation caused by incorrect permission assignments on a critical resource (notably in Windows via DLL hijacking as per Huntr). Impact is local, requiring no user interaction, and confidentiality/integrity/availabil...

8.8 CVSS | 7.5 AI score | 0.00392 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
OSV
added 2022/04/11 8:5 p.m. | 28 views

CVE-2022-1316 Incorrect Permission Assignment for Critical Resource in zerotier/zerotierone

Incorrect Permission Assignment for Critical Resource in GitHub repository zerotier/zerotierone prior to 1.8.8. Local Privilege Escalation...

8.8 CVSS | 7.5 AI score | 0.00392 EPSS
Exploits: 1 | References: 4
NVD
added 2022/04/11 12:15 p.m. | 20 views

CVE-2022-0556

A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator ZAC version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator...

7.8 CVSS | 0.00343 EPSS
Exploits: 0 | References: 1
Prion
added 2022/04/11 12:15 p.m. | 22 views

Privilege escalation

A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator ZAC version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator...

7.2 CVSS | 7.9 AI score | 0.00343 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2022/04/11 11:50 a.m. | 25 views

CVE-2022-0556

A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator ZAC version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator...

7.3 CVSS | 8.1 AI score | 0.00343 EPSS
Exploits: 0 | References: 1
BDU FSTEC
added 2022/04/11 12:0 a.m. | 6 views

The vulnerability of the gf_dashSegmenter_probe_input function in the MP4Box module of the GPAC multimedia platform allows an intruder to cause a service failure.

The vulnerability of the gf_dashSegmenter_probe_input function in the MP4Box component of the GPAC multimedia platform is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially crafted file...

7.1 CVSS | 5.9 AI score | 0.00665 EPSS
Exploits: 1 | References: 5 | Affected Software: 2
Tenable Nessus
added 2022/04/11 12:0 a.m. | 39 views

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9274)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9274 advisory. - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34053807 CVE-2022-1158 - netfilter: nftables: initialize...

7.8 CVSS | 7.6 AI score | 0.05918 EPSS
Exploits: 9 | References: 12
BDU FSTEC
added 2022/04/06 12:0 a.m. | 5 views

The vulnerability of the DumpTrackInfo function in the MP4Box command of the GPAC multimedia platform, related to pointer assignment errors, allows a violator to trigger a service failure.

The vulnerability of the DumpTrackInfo function in the MP4Box command of the GPAC multimedia platform is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially crafted file...

7.1 CVSS | 6.3 AI score | 0.00699 EPSS
Exploits: 1 | References: 5 | Affected Software: 2
Tenable Nessus
added 2022/04/05 12:0 a.m. | 49 views

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-9260)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9260 advisory. - drm/i915: Flush TLBs before releasing backing store Tvrtko Ursulin Orabug: 33835812 CVE-2022-0330 - drm/i915: Reduce locking in execlist command...

7.8 CVSS | 6.8 AI score | 0.06902 EPSS
Exploits: 0 | References: 6
NVD
added 2022/04/04 11:15 a.m. | 16 views

CVE-2022-1225

Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...

6.5 CVSS | 0.01015 EPSS
Exploits: 1 | References: 2
Prion
added 2022/04/04 11:15 a.m. | 14 views

Privilege escalation

Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...

4 CVSS | 6.5 AI score | 0.01015 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
CVE
added 2022/04/04 10:50 a.m. | 98 views

CVE-2022-1225

CVE-2022-1225 affects phpIPAM prior to 1.4.6, where an incorrect privilege assignment could allow a normal user to access export endpoints (e.g., generate-xls.php, generate-hosts.php, generate-mysql.php) and leak sensitive data. The connected Huntr entry details real-world paths and impact, indic...

6.5 CVSS | 6.5 AI score | 0.01015 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist
added 2022/04/04 10:50 a.m. | 30 views

CVE-2022-1225 Incorrect Privilege Assignment in phpipam/phpipam

Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...

6.5 CVSS | 7.3 AI score | 0.01015 EPSS
Exploits: 1 | References: 2
OSV
added 2022/04/04 10:50 a.m. | 20 views

CVE-2022-1225 Incorrect Privilege Assignment in phpipam/phpipam

Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...

6.5 CVSS | 6.9 AI score | 0.01015 EPSS
Exploits: 1 | References: 4
CNNVD
added 2022/04/04 12:0 a.m. | 4 views

phpIPAM Security Vulnerability

phpIPAM is an open source PHP and MySQL based IP address management (IPAM) application. A security vulnerability exists in versions prior to phpipam 1.4.6 that stems from incorrect privilege assignment in the application...

6.5 CVSS | 6.8 AI score | 0.01015 EPSS
Exploits: 1 | References: 3
BDU FSTEC
added 2022/04/01 12:0 a.m. | 6 views

The vulnerability of the trak_box_size function in the MP4Box command of the GPAC multimedia platform allows a perpetrator to cause a service failure.

The vulnerability of the trak_box_size function in the MP4Box command of the GPAC multimedia platform is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially crafted file...

6.5 CVSS | 6.3 AI score | 0.00807 EPSS
Exploits: 1 | References: 5 | Affected Software: 2
OSV
added 2022/03/17 9:0 p.m. | 4 views

CLSA-2022-1647550845 Fix of CVE: CVE-2021-21708

CVE-2021-21708: move releasing of zval, so it is released only after assignment of a new zval...

9.8 CVSS | 6.9 AI score | 0.03002 EPSS
Exploits: 1 | References: 1
OSV
added 2022/03/17 8:59 p.m. | 3 views

CLSA-2022-1647550779 Fix of CVE: CVE-2021-21708

CVE-2021-21708: move releasing of zval, so it will be after assigning a new zval...

9.8 CVSS | 6.9 AI score | 0.03002 EPSS
Exploits: 1 | References: 1
OSV
added 2022/03/16 10:15 a.m. | 28 views

CVE-2022-21946

An Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen session. This issue affects: openSUSE Factory...

5.3 CVSS | 6.9 AI score
Exploits: 0 | References: 1
Prion
added 2022/03/16 10:15 a.m. | 31 views

Code injection

An Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen session. This issue affects: openSUSE Factory...

4.6 CVSS | 5.4 AI score | 0.00256 EPSS
Exploits: 1 | References: 1 | Affected Software: 1