3977 matches found
Rockwell Automation MicroLogix Incorrect Permission Assignment for Critical Resource (CVE-2016-9338)
An issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1100 controller 1763-L16AWA, Series A and B, Version 14.000 and prior versions; 1763-L16BBB, Series A and B, Version 14.000 and prior versions; 1763-L16BWA, Series A and B, Version 14.000 and prior versions; and 1763-L16DWD,...
Code injection
Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server...
CVE-2022-0227
CVE-2022-0227 entry is rejected; this candidate is not active and should not be used.
CVE-2021-22284 SECURITY - OPC Server for AC 800M - Remote Code Execution Vulnerability
Incorrect Permission Assignment for Critical Resource vulnerability in OPC Server for AC 800M allows an attacker to execute arbitrary code in the node running the AC800M OPC Server...
CVE-2021-22284
Summary of CVE-2021-22284 (ABB OPC Server for AC 800M) Affected product: ABB OPC Server for AC 800M (versions in 5.x/6.x range affected; see advisories). Vulnerability: Incorrect Permission Assignment for Critical Resource, enabling an authenticated remote user with low privileges to insert and e...
in phpipam/phpipam
Description The phpIPAM 1.4.5 incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor in the Import/Export feature. A normal user with the role of User could download XLS file of IP addresses, hostfile dump and export system database that...
ABB OPCServer for AC800M 安全漏洞
ABB OPCServer for AC800M is an OPC OLE for Process Control server for AC800M from ABB Switzerland. ABB OPCServer for AC800M contains a security vulnerability that originates from an error in the assignment of critical resource privileges in the software, which could be exploited by an attacker to...
CVE-2022-22509
In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to enable full access to the device configuration...
Design/Logic Flaw
In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to enable full access to the device configuration...
CVE-2022-22509 PHOENIX CONTACT: FL SWITCH 2xxx series incorrect privilege assignment
In Phoenix Contact FL SWITCH Series 2xxx in version 3.00 an incorrect privilege assignment allows an low privileged user to enable full access to the device configuration...
CVE-2022-22509
CVE-2022-22509 affects Phoenix Contact FL SWITCH Series 2xxx (version 3.00). The issue is an incorrect privilege assignment that lets a low-privilege user gain full access to the device configuration, exposing confidentiality, integrity, and availability (all rated high) per CVSS metrics. No expl...
CVE-2022-0177
DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...
GHSA-VCGF-VMPC-PH79 Microweber Incorrect Permission Assignment for Critical Resource vulnerability
In Microweber prior to 1.2.11, a non-admin user is able to access other users' sensitive information...
Microweber Incorrect Permission Assignment for Critical Resource vulnerability
In Microweber prior to 1.2.11, a non-admin user is able to access other users' sensitive information...
CVE-2022-0329
DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2022-0277
Incorrect Permission Assignment for Critical Resource in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0277 Incorrect Permission Assignment for Critical Resource in microweber/microweber
Incorrect Permission Assignment for Critical Resource in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0277
CVE-2022-0277 affects microweber/microweber prior to version 1.2.11, due to an incorrect permission assignment for a critical resource . This allows a non-admin user to access other users’ sensitive information (improper access control). The issue is documented across multiple sources, which cons...
The vulnerability of the systemd service initialization and management subsystem, related to improper privilege assignment, allows a malicious actor to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the systemd service initialization and management subsystem is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker to access confidential data, compromise its integrity, and cause service failures...
CVE-2022-0277 Incorrect Permission Assignment for Critical Resource in microweber/microweber
Incorrect Permission Assignment for Critical Resource in Packagist microweber/microweber prior to 1.2.11...