3977 matches found

NVD
added 2021/11/19 7:15 p.m. · 16 views

CVE-2021-26248

Philips MRI 1.5T and MRI 3T Version 5.3 through 5.8.1 does not restrict or incorrectly restricts access to a resource from an unauthorized actor...

CVSS 5.9 · EPSS 0.00226
Exploits 0 · References 2
OSV
added 2021/11/19 7:15 p.m. · 5 views

CVE-2021-26248

Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control sphere to a resource...

CVSS 5.5 · AI score 6.1 · EPSS 0.00226
Exploits 0 · References 2
Cvelist
added 2021/11/19 6:37 p.m. · 17 views

CVE-2021-26248 Philips MRI 1.5T and 3T Incorrect Ownership Assignment

Philips MRI 1.5T and MRI 3T Version 5.3 through 5.8.1 does not restrict or incorrectly restricts access to a resource from an unauthorized actor...

CVSS 5.9 · AI score 6.5 · EPSS 0.00226
Exploits 0 · References 2
BDU FSTEC
added 2021/11/18 12:00 a.m. · 3 views

The vulnerability of the Windows Hyper-V Discrete Device Assignment (DDA) component of the operating system allows a hacker to trigger a service failure.

The vulnerability of the Windows Hyper-V Discrete Device Assignment (DDA) component of the operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVSS 6.5 · AI score 6.6 · EPSS 0.00606
Exploits 0 · References 3
Huntr
added 2021/11/16 8:17 p.m. · 8 views

in janeczku/calibre-web

Description: A user with no permissions about public shelves can edit his own private shelf making it public. This vulnerability is called Mass Assignment. Proof of Concept: The file shelf.py at line 247 sets as public every shelf to be edited, so if the user injects the parameter ispublic=on in th...

AI score 0.3
Exploits 0
Code423n4
added 2021/11/16 12:00 a.m. · 11 views

setGuardian() Wrong implementation

Handle: WatchPug. Vulnerability details: function setGuardian(address guardian) external onlyGovernance { governance = guardian; } governance = guardian should be guardian = guardian. --- The text was updated successfull...

AI score 7.1
Exploits 0
OpenVAS
added 2021/11/11 12:00 a.m. · 18 views

Samba Security Vulnerability (CVE-2013-0454)

A share configuration Copyright (C) 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify i...

CVSS 4 · AI score 6.6 · EPSS 0.02981
Exploits 0 · References 1
OSV
added 2021/11/10 1:19 a.m. · 2 views

CVE-2021-42274

Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability...

CVSS 6.8 · AI score 5.8 · EPSS 0.00606
Exploits 0 · References 1
Microsoft CVE
added 2021/11/09 8:00 a.m. · 34 views

Windows Hyper-V Discrete Device Assignment (DDA) Denial of Service Vulnerability

...

CVSS 6.8 · AI score 6.8 · EPSS 0.00606
Exploits 0
Positive Technologies
added 2021/11/09 12:00 a.m. · 4 views

PT-2021-4806 · Microsoft · Windows Hyper-V +1

Name of the Vulnerable Software and Affected Versions: Windows Hyper-V (affected versions not specified). Description: The issue exists due to insufficient input validation in the Windows Hyper-V Discrete Device Assignment (DDA) component. This can be exploited to cause a denial of service...

CVSS 6.8 · AI score 6.3 · EPSS 0.00606
Exploits 0 · References 7
OSV
added 2021/11/01 9:15 a.m. · 5 views

CVE-2018-25019

The LearnDash LMS WordPress plugin before 2.5.4 does not have any authorisation and validation of the file to be uploaded in the learndash_assignment_process_init function, which could allow unauthenticated users to upload arbitrary files to the web server...

CVSS 7.5 · AI score 5.8 · EPSS 0.01531
Exploits 1 · References 2
Tenable Nessus
added 2021/10/27 12:00 a.m. · 44 views

NewStart CGSL MAIN 6.02 : firefox Multiple Vulnerabilities (NS-SA-2021-0120)

The remote NewStart CGSL host, running version MAIN 6.02, has firefox packages installed that are affected by multiple vulnerabilities: - Uninitialized Use in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote attacker to obtain potentially sensitive information from process memory via a...

CVSS 8.8 · AI score 8.4 · EPSS 0.01891
Exploits 0 · References 43
Tenable Nessus
added 2021/10/27 12:00 a.m. · 215 views

NewStart CGSL CORE 5.05 / MAIN 5.05 : thunderbird Multiple Vulnerabilities (NS-SA-2021-0177)

The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has thunderbird packages installed that are affected by multiple vulnerabilities: - Use after free in WebRTC in Google Chrome prior to 88.0.4324.96 allowed a remote attacker to potentially exploit heap corruption via a crafted...

CVSS 8.8 · AI score 7.7 · EPSS 0.01569
Exploits 1 · References 23
BDU FSTEC
added 2021/10/27 12:00 a.m. · 4 views

The vulnerability of the QEMU hardware emulation software, related to pointer swapping errors, allows a hacker to trigger a service failure.

The vulnerability of the QEMU hardware emulation software is related to pointer assignment errors. Exploiting this vulnerability can allow a remote attacker to cause a service failure...

CVSS 7.5 · AI score 7 · EPSS 0.02823
Exploits 0 · References 6 · Affected Software 2
BDU FSTEC
added 2021/10/22 12:00 a.m. · 31 views

The vulnerability of the software-hardware complex for protecting information from unauthorized access—“Akord-V”—is related to the violation of established role assignments. This allows an intruder to bypass the access restrictions for resources of the ABI/AVI system for the system administrators and execute arbitrary code on behalf of the system.

The vulnerability of the software-hardware complex for protecting information from unauthorized access, “Akord-V,” is related to the violation of established role assignments. Exploiting this vulnerability allows an intruder to bypass the access restrictions for ARMs of types ABI/AVI for ARM...

CVSS 7.4 · AI score 6
Exploits 0 · Affected Software 1
NVD
added 2021/10/21 8:15 a.m. · 15 views

CVE-2021-42011

An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

CVSS 7.8 · EPSS 0.00338
Exploits 0 · References 2
Prion
added 2021/10/21 8:15 a.m. · 16 views

Design/Logic Flaw

An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

CVSS 4.6 · AI score 7.6 · EPSS 0.00338
Exploits 0 · References 2 · Affected Software 1
Cvelist
added 2021/10/21 7:46 a.m. · 18 views

CVE-2021-42011

An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

AI score 7.8 · EPSS 0.00338
Exploits 0 · References 2
CVE
added 2021/10/21 7:46 a.m. · 51 views

CVE-2021-42011

CVE-2021-42011 refers to an incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service. The issue allows a local attacker who already has low-privilege code execution to load a DLL with escalated privileges, compromising affected installations. Supported detai...

CVSS 7.8 · AI score 7.6 · EPSS 0.00338
Exploits 0 · References 2 · Affected Software 1
NVD
added 2021/10/19 7:15 p.m. · 16 views

CVE-2021-31377

An Incorrect Permission Assignment for Critical Resource vulnerability of a certain file in the filesystem of Junos OS allows a local authenticated attacker to cause routing process daemon (RPD) to crash and restart, causing a Denial of Service (DoS). Repeated actions by the attacker will create a...

CVSS 5.5 · EPSS 0.00191
Exploits 0 · References 1