CVE-2021-21981

VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC Role based access control role assignment. Successful exploitation of this issue may allow attackers with local guest user account to assign privileges higher than their own permission level...

GPAC 输入验证错误漏洞

GPAC is an open source multimedia framework. GPAC 1.0.1 is vulnerable to integer overflow, which can be exploited by attackers to cause assignment failures...

SUSE: Security Advisory (SUSE-SU-2021:0241-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2021:0246-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-21096 Adobe Bridge Genuine Software Service Incorrect Permission Assignment could lead to Denial-of-Service

Adobe Bridge versions 10.1.1 and earlier and 11.0.1 and earlier are affected by an Improper Authorization vulnerability in the Genuine Software Service. A low-privileged attacker could leverage this vulnerability to achieve application denial-of-service in the context of the current user...

Adobe Bridge Genuine Software Service Incorrect Permission Assignment Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Adobe Bridge. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2021-22716

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit V1.15.9 and prior...

Remote code execution

A CWE-732: Incorrect Permission Assignment for Critical Resource vulnerability exists that could allow remote code execution when an unprivileged user modifies a file. Affected Product: C-Bus Toolkit V1.15.9 and prior...

CVE-2021-22716

The CVE-2021-22716 entry concerns Schneider Electric C-Bus Toolkit (versions up to v1.15.9) with an Improper Permission Assignment for Critical Resource vulnerability that could allow remote code execution when an unprivileged user modifies a file. The root cause is incorrect permissions on criti...

CVE-2021-28645

An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

Design/Logic Flaw

An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

CVE-2021-28645

An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target...

Advantech WebAccessSCADA

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity Vendor: Advantech Equipment: WebAccess/SCADA Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to...

Trend Micro Apex One Incorrect Permission Assignment Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Trend Micro Apex One. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the ApexOne...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none...

The vulnerability of the GPU Nouveau driver for the Linux operating system, which allows a hacker to trigger a service failure

The vulnerability of the GPU Nouveau driver for the Linux operating system is related to pointer assignment errors. Exploiting this vulnerability can allow an attacker to trigger a service failure by calling the ioctl DRMIOCTLNOUVEAUCHANNELALLOC function...

The vulnerability of Moxa VPORT 06EC-2V series IP cameras’ microprogramming software is related to errors in pointer assignment. This vulnerability allows attackers to circumvent existing security restrictions through brute-force attacks.

The vulnerability of Moxa VPORT 06EC-2V series IP cameras’ microprogramming software is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to bypass existing security restrictions through brute-force attacks...

CVE-2021-22311

There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain users to do certain operations with improper permissions. Affected product versions include...

Design/Logic Flaw

There is an improper permission assignment vulnerability in Huawei ManageOne product. Due to improper security hardening, the process can run with a higher privilege. Successful exploit could allow certain users to do certain operations with improper permissions. Affected product versions include...

CVE-2021-22311

Summary: CVE-2021-22311 affects Huawei ManageOne, specifically version 8.0.0 and 8.0.1, due to an improper permission assignment vulnerability from weak security hardening. The issue allows a process to run with higher privileges, enabling affected users to perform operations with improper permis...