Lucene search
K

3977 matches found

Tenable Nessus
Tenable Nessus
added 2022/02/07 12:0 a.m.30 views

Rockwell Automation MicroLogix Incorrect Permission Assignment for Critical Resource (CVE-2016-9338)

An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD,...

4CVSS6.1AI score0.02426EPSS
Exploits0References4
Prion
Prion
added 2022/02/04 11:15 p.m.15 views

Code injection

Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server...

6.5CVSS8.9AI score0.00831EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/02/04 10:32 p.m.56 views

CVE-2022-0227

CVE-2022-0227 entry is rejected; this candidate is not active and should not be used.

6.8AI score
Exploits0
Cvelist
Cvelist
added 2022/02/04 10:29 p.m.22 views

CVE-2021-22284 SECURITY - OPC Server for AC 800M - Remote Code Execution Vulnerability

Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server...

8.4CVSS9.1AI score0.00831EPSS
Exploits0References1
CVE
CVE
added 2022/02/04 10:29 p.m.69 views

CVE-2021-22284

Summary of CVE-2021-22284 (ABB OPC Server for AC 800M) Affected product: ABB OPC Server for AC 800M (versions in 5.x/6.x range affected; see advisories). Vulnerability: Incorrect Permission Assignment for Critical Resource, enabling an authenticated remote user with low privileges to insert and e...

8.8CVSS8.9AI score0.00831EPSS
Exploits0References1Affected Software1
Huntr
Huntr
added 2022/02/04 9:4 a.m.58 views

in phpipam/phpipam

Description The phpIPAM 1.4.5 incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor in the Import/Export feature. A normal user with the role of User could download XLS file of IP addresses, hostfile dump and export system database that...

4CVSS6.6AI score0.01015EPSS
Exploits1References1
CNNVD
CNNVD
added 2022/02/04 12:0 a.m.4 views

ABB OPCServer for AC800M 安全漏洞

ABB OPCServer for AC800M is an OPC OLE for Process Control server for AC800M from ABB Switzerland. ABB OPCServer for AC800M contains a security vulnerability that originates from an error in the assignment of critical resource privileges in the software, which could be exploited by an attacker to...

8.8CVSS8.5AI score0.00831EPSS
Exploits0References5
NVD
NVD
added 2022/02/02 1:15 p.m.10 views

CVE-2022-22509

In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to enable full access to the device configuration...

9CVSS0.0099EPSS
Exploits0References1
Prion
Prion
added 2022/02/02 1:15 p.m.19 views

Design/Logic Flaw

In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to enable full access to the device configuration...

9CVSS8.5AI score0.0099EPSS
Exploits0References1Affected Software65
Cvelist
Cvelist
added 2022/02/02 12:26 p.m.23 views

CVE-2022-22509 PHOENIX CONTACT: FL SWITCH 2xxx series incorrect privilege assignment

In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to enable full access to the device configuration...

8.8CVSS8.7AI score0.0099EPSS
Exploits0References1
CVE
CVE
added 2022/02/02 12:26 p.m.64 views

CVE-2022-22509

CVE-2022-22509 affects Phoenix Contact FL SWITCH Series 2xxx (version 3.00). The issue is an incorrect privilege assignment that lets a low-privilege user gain full access to the device configuration, exposing confidentiality, integrity, and availability (all rated high) per CVSS metrics. No expl...

9CVSS8.6AI score0.0099EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/01/24 9:15 p.m.5 views

CVE-2022-0177

DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...

7AI score
Exploits0References1
OSV
OSV
added 2022/01/21 6:6 p.m.20 views

GHSA-VCGF-VMPC-PH79 Microweber Incorrect Permission Assignment for Critical Resource vulnerability

In Microweber prior to 1.2.11, a non-admin user is able to access other users' sensitive information...

6.5CVSS6.3AI score0.01121EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2022/01/21 6:6 p.m.32 views

Microweber Incorrect Permission Assignment for Critical Resource vulnerability

In Microweber prior to 1.2.11, a non-admin user is able to access other users' sensitive information...

6.5CVSS6.2AI score0.01121EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/01/21 11:15 a.m.6 views

CVE-2022-0329

DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...

5.4AI score
Exploits0References1
NVD
NVD
added 2022/01/20 10:15 a.m.25 views

CVE-2022-0277

Incorrect Permission Assignment for Critical Resource in Packagist microweber/microweber prior to 1.2.11...

6.5CVSS0.01121EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/01/20 12:0 a.m.25 views

CVE-2022-0277 Incorrect Permission Assignment for Critical Resource in microweber/microweber

Incorrect Permission Assignment for Critical Resource in Packagist microweber/microweber prior to 1.2.11...

6.5CVSS6.6AI score0.01121EPSS
Exploits1References2
CVE
CVE
added 2022/01/20 12:0 a.m.83 views

CVE-2022-0277

CVE-2022-0277 affects microweber/microweber prior to version 1.2.11, due to an incorrect permission assignment for a critical resource . This allows a non-admin user to access other users’ sensitive information (improper access control). The issue is documented across multiple sources, which cons...

6.5CVSS6.3AI score0.01121EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/01/20 12:0 a.m.2 views

The vulnerability of the systemd service initialization and management subsystem, related to improper privilege assignment, allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the systemd service initialization and management subsystem is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...

7.8CVSS5.8AI score0.00912EPSS
Exploits0References12Affected Software6
OSV
OSV
added 2022/01/20 12:0 a.m.24 views

CVE-2022-0277 Incorrect Permission Assignment for Critical Resource in microweber/microweber

Incorrect Permission Assignment for Critical Resource in Packagist microweber/microweber prior to 1.2.11...

6.5CVSS6.5AI score0.01121EPSS
Exploits1References4
Rows per page
Query Builder