Lucene search
+L

259 matches found

CNVD
CNVD
added 2022/12/14 12:0 a.m.56 views

Siemens Simcenter STAR-CCM Privilege Elevation Vulnerability

Siemens Simcenter STAR-CCM is a complete multi-physics field solution from Siemens Germany that simulates products and designs working under real-world conditions. a security vulnerability exists in Siemens Simcenter STAR-CCM, which stems from improperly assigning file permissions to installation...

7.8CVSS3.5AI score0.00206EPSS
Exploits0References1
NVD
NVD
added 2022/12/13 4:15 p.m.29 views

CVE-2022-43517

A vulnerability has been identified in Simcenter STAR-CCM+ All versions V2306. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain...

7.8CVSS0.00206EPSS
Exploits0References1
Prion
Prion
added 2022/12/13 4:15 p.m.16 views

Design/Logic Flaw

A vulnerability has been identified in Simcenter STAR-CCM+ All versions V2306. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain...

4.3CVSS7.4AI score0.00206EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.22 views

PT-2022-26953 · Siemens · Simcenter Star-Ccm+

Name of the Vulnerable Software and Affected Versions: Simcenter STAR-CCM+ versions prior to V2306 Description: A vulnerability has been identified in the affected application, where it improperly assigns file permissions to installation folders. This could allow a local attacker with an...

7.8CVSS7.5AI score0.00206EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2022/12/13 12:0 a.m.7 views

CVE-2022-43517

A vulnerability has been identified in Simcenter STAR-CCM+ All versions V2306. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain...

7.8CVSS7.4AI score0.00206EPSS
Exploits0References1
CVE
CVE
added 2022/12/13 12:0 a.m.57 views

CVE-2022-43517

CVE-2022-43517 – Simcenter STAR-CCM+ affects all versions prior to V2306. The vulnerability arises from incorrect file/installation-folder permissions, enabling a local unprivileged user to override or modify service executables and gain elevated privileges (CVSS v3.1 base score 7.8). Public refe...

7.8CVSS7.4AI score0.00206EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/12/13 12:0 a.m.32 views

CVE-2022-43517

A vulnerability has been identified in Simcenter STAR-CCM+ All versions V2306. The affected application improperly assigns file permissions to installation folders. This could allow a local attacker with an unprivileged account to override or modify the service executables and subsequently gain...

7.8CVSS7.6AI score0.00206EPSS
Exploits0References1
ICS
ICS
added 2022/12/13 12:0 a.m.41 views

Siemens Simcenter STAR-CCM+

​​As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories CERT Services | Services ...

7.8CVSS7.8AI score0.00206EPSS
Exploits0References12
Oracle linux
Oracle linux
added 2022/11/29 12:0 a.m.53 views

kubernetes security update

kubernetes 1.22.16-1 - Added Oracle specific build files for Kubernetes - Add preBuildOL8Commands to Jenkinsfile kubernetes 1.23.14-1 - Added Oracle specific build files for Kubernetes kubernetes 1.24.8-1 - Added Oracle specific build files for Kubernetes olcne 1.5.8-4 - Fix 1.21 kubernetes versi...

10CVSS0.2AI score0.02701EPSS
Exploits2
NVD
NVD
added 2022/10/19 10:15 p.m.29 views

CVE-2022-41983

On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT QuickAssist Technology and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even...

3.7CVSS0.00249EPSS
Exploits0References1
Prion
Prion
added 2022/10/19 10:15 p.m.24 views

Race condition

On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT QuickAssist Technology and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even...

2.6CVSS4.2AI score0.00249EPSS
Exploits0References1Affected Software19
CVE
CVE
added 2022/10/19 9:26 p.m.85 views

CVE-2022-41983

CVE-2022-41983 describes a BIG-IP TMM vulnerability where, on certain hardware with Intel QAT and AES-GCM/CCM, data may be sent unencrypted despite an SSL profile. Affected BIG-IP branches: 16.x (vuln up to 16.1.3; fix in 16.1.3.1), 15.x (up to 15.1.6; fix in 15.1.7), 14.x (up to 14.1.5; fix in 1...

3.7CVSS4.5AI score0.00249EPSS
Exploits0References1Affected Software19
Cvelist
Cvelist
added 2022/10/19 9:26 p.m.33 views

CVE-2022-41983 BIG-IP TMM Vulnerability CVE-2022-41983

On specific hardware platforms, on BIG-IP versions 16.1.x before 16.1.3.1, 15.1.x before 15.1.7, 14.1.x before 14.1.5.1, and all versions of 13.1.x, while Intel QAT QuickAssist Technology and the AES-GCM/CCM cipher is in use, undisclosed conditions can cause BIG-IP to send data unencrypted even...

3.7CVSS4.5AI score0.00249EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/19 12:0 a.m.5 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform that integrates network traffic management, application security management, load balancing, and other features from F5 USA. A security vulnerability exists in the F5 BIG-IP that stems from the fact that although it uses Intel QAT QuickAssist Technolo...

3.7CVSS5.1AI score0.00249EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/10/03 12:0 a.m.42 views

Oracle Linux 7 : kubernetes (ELSA-2022-9855)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-9855 advisory. - Resolve Kubernetes CVE-2022-3172 for version 1.21 - Resolve Kubernetes CVE-2022-3172 for version 1.22 - Resolve Kubernetes CVE-2022-3172 for version 1.23 -...

10CVSS6.8AI score0.02701EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2022/09/07 10:15 p.m.6 views

CVE-2022-38254

Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...

6.1CVSS5.6AI score0.01781EPSS
Exploits0References2
NVD
NVD
added 2022/09/07 10:15 p.m.36 views

CVE-2022-38254

Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...

6.1CVSS0.01781EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2022/09/07 10:15 p.m.36 views

CVE-2022-38254

Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...

6.1CVSS6.3AI score0.01781EPSS
Exploits0References2
OSV
OSV
added 2022/09/07 10:15 p.m.49 views

UBUNTU-CVE-2022-38254

Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...

6.1CVSS6.3AI score0.01781EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/09/07 9:14 p.m.38 views

CVE-2022-38254

Nagios XI before v5.8.7 was discovered to contain a cross-site scripting XSS vulnerability via the ajax.php script in CCM 3.1.5...

6.2AI score0.01781EPSS
Exploits0References1
Rows per page
Query Builder