Cisco TelePresence Collaboration Endpoint Software Arbitrary File Write Vulnerability
A vulnerability in the CLI of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, local attacker to write files to the /root directory of an affected device. The vulnerability is due to improper permission assignment. An attacker could exploit this vulnerability by...
CVE-2019-3765
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability. A remote authenticated malicious user potentially could...
Code injection
Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4 contain an Incorrect Permission Assignment for Critical Resource vulnerability. A remote authenticated malicious user potentially could...
CVE-2019-3765
Summary (CVE-2019-3765): Dell EMC Avamar Server (versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1) and Dell EMC Integrated Data Protection Appliance (IDPA) (versions 2.0–2.4) are affected by an Incorrect Permission Assignment for a Critical Resource vulnerability. A remote authenticated attacker could vi...
The vulnerability in the driver sound/usb/line6/driver.c file of the Linux operating system allows a hacker to cause a service failure.
The vulnerability in the sound/usb/line6/driver.c file of the Linux operating system is related to pointer assignment errors. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability in the drivers/net/wireless/ath/ath6kl/usb.c file of Linux operating systems, related to pointer arithmetic errors, allows a hacker to cause a service failure.
The vulnerability in the drivers/net/wireless/ath/ath6kl/usb.c file of Linux operating systems is related to pointer assignment errors. Exploiting this vulnerability allows an attacker to cause service failures...
CVE-2019-10394
A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...
3S-Smart Software Solutions GmbH CODESYS Control V3 Online User Management
1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: 3S-Smart Software Solutions GmbH Equipment: CODESYS Control V3 online user management Vulnerability: Incorrect Permission Assignment for Critical Resource 2. RISK EVALUATION Successful exploitation...
Fedora Update for kea FEDORA-2019-0811a88d77
The remote host is missing an update for the Copyright (C) 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 30 Update: kea-1.5.0-9.fc30
DHCP implementation from Internet Systems Consortium, Inc. that features fully functional DHCPv4, DHCPv6 and Dynamic DNS servers. Both DHCP servers fully support server discovery, address assignment, renewal, rebinding and release. The DHCPv6 server supports prefix delegation. Both servers...
Gamification Can Transform Company Cybersecurity Culture
Chief information security officers (CISOs) of Global 2000 enterprises have one of the toughest jobs in the world, defending their organization’s cyberspace and being the guardian of its assets and private information. But CISOs also have a second, even bigger problem: Their own company employees...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2014. Notes: none...
CVE-2017-18392
cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple accounts (SEC-325)...
Code injection
cPanel before 68.0.15 allows collisions because PostgreSQL databases can be assigned to multiple accounts (SEC-325)...
Unauthorized Modification
moodle is vulnerable to unauthorized modification. The vulnerability is possible because it does not observe separate groups mode before overriding assignment group, allowing teachers in an assignment group to modify group overrides...
Design/Logic Flaw
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment...
CVE-2019-10189
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment...
UBUNTU-CVE-2019-10189
A flaw was found in moodle before versions 3.7.1, 3.6.5, 3.5.7. Teachers in an assignment group could modify group overrides for other groups in the same assignment...