3978 matches found
CVE-2022-1316
CVE-2022-1316 affects zerotier/zerotierone prior to 1.8.8, with Local Privilege Escalation caused by incorrect permission assignments on a critical resource (notably in Windows via DLL hijacking as per Huntr). Impact is local, requiring no user interaction, and confidentiality/integrity/availabil...
CVE-2022-1316 Incorrect Permission Assignment for Critical Resource in zerotier/zerotierone
Incorrect Permission Assignment for Critical Resource in GitHub repository zerotier/zerotierone prior to 1.8.8. Local Privilege Escalation...
CVE-2022-0556
A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator ZAC version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator...
Privilege escalation
A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator ZAC version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator...
CVE-2022-0556
A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator ZAC version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator...
The vulnerability of the gf_dashSegmenter_probe_input function in the MP4Box module of the GPAC multimedia platform allows a intruder to cause a service failure.
The vulnerability of the gfdashsegmenterprobeinput function in the MP4Box component of the GPAC multimedia platform is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9274)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9274 advisory. - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34053807 CVE-2022-1158 - netfilter: nftables: initialize...
The vulnerability of the DumpTrackInfo function in the MP4Box command of the GPAC multimedia platform, related to pointer assignment errors, allows a violator to trigger a service failure.
The vulnerability of the DumpTrackInfo function in the MP4Box multimedia platform’s command is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-9260)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9260 advisory. - drm/i915: Flush TLBs before releasing backing store Tvrtko Ursulin Orabug: 33835812 CVE-2022-0330 - drm/i915: Reduce locking in execlist command...
CVE-2022-1225
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...
Privilege escalation
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...
CVE-2022-1225
CVE-2022-1225 affects phpIPAM prior to 1.4.6, where an incorrect privilege assignment could allow a normal user to access export endpoints (e.g., generate-xls.php, generate-hosts.php, generate-mysql.php) and leak sensitive data. The connected Huntr entry details real-world paths and impact, indic...
CVE-2022-1225 Incorrect Privilege Assignment in phpipam/phpipam
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...
CVE-2022-1225 Incorrect Privilege Assignment in phpipam/phpipam
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...
phpIPAM 安全漏洞
phpIPAM is an open source PHP and MySQL based IP address management application IPAM. A security vulnerability exists in versions prior to phpipam 1.4.6 that stems from incorrect privilege assignment in the application...
The vulnerability of the trak_box_size function in the MP4Box command of the GPAC multimedia platform allows a perpetrator to cause a service failure.
The vulnerability of the trakboxsize function in the MP4Box multimedia platform’s command set is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...
CLSA-2022-1647550845 Fix of CVE: CVE-2021-21708
CVE-2021-21708: move releasing of zval, so it is released only after assignment of a new zval...
CLSA-2022-1647550779 Fix of CVE: CVE-2021-21708
CVE-2021-21708: move releasing of zval, so it will be after assigning a new zval...
CVE-2022-21946
A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory...
Code injection
A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory...