869 matches found
Improper access control
Improper access control in mumcontainerpolicy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data...
CVE-2022-39849
Improper access control in knoxvpnpolicy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data...
PT-2022-25038 · Samsung · Knox Vpn Policy
Name of the Vulnerable Software and Affected Versions: knox vpn policy versions prior to SMR Oct-2022 Release 1 Description: The issue is related to improper access control in the knox vpn policy service, which allows unauthorized read access to configuration data. Recommendations: For versions...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Oct-2022 Release 1 version, which stems from incorrect access control in the knoxvpnpoli...
CVE-2022-39850
Improper access control in mumcontainerpolicy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Oct-2022 Release 1 version, which stems from incorrect access control in the...
USN-5661-1: LibreOffice vulnerabilities
It was discovered that LibreOffice incorrectly validated macro signatures. If a user were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary macros. CVE-2022-26305 It was discovered that Libreoffice incorrectly handled encryptin...
Dell SmartFabric OS10 Trust Management Issue Vulnerability
Dell Networking OS10 is a Linux-based network switch operating system from Dell DELL. A security vulnerability exists in Support Assist in Dell Networking OS10 version 10.5.3.4. An unauthenticated, remote attacker could exploit this vulnerability to access limited switch configuration data and...
PT-2022-7401 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.3 Description: The issue concerns the exposure of private information defined in the setup of GLPI, such as smtp or cas hosts, to unauthorized individuals. This exposure can be exploited remotely, allowing attacker...
CVE-2022-35413
WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information such as SSL keys via an HTTPS request to the /webapi/ URI on port 443 or 5001...
Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.5
Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server 8.5.5.5, IBM WebSphere Application Server Hypervisor 8.5.5.5 and IBM HTTP Server 8.5.5.5 Vulnerability Details CVEID:CVE-2015-0174APAR PI21072 DESCRIPTION: IBM WebSphere Application Server using SNM...
Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.35
Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server 7.0.0.35, IBM WebSphere Application Server Hypervisor 7.0.0.35 and IBM HTTP Server 7.0.0.35. Vulnerability Details CVE ID:CVE-2014-3021 APAR PI08268 DESCRIPTION: IBM WebSphere Application Server cou...
CVE-2022-25625
A malicious unauthorized PAM user can access the administration configuration data and change the values...
CVE-2022-25625
A malicious unauthorized PAM user can access the administration configuration data and change the values...
PT-2022-17417 · Broadcom · Symantec Privileged Access Management
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A malicious unauthorized PAM user can access the administration configuration data and change the values. Recommendations: At the moment, there is no information about a newer versi...
Apache OpenOffice 安全特征问题特征问题漏洞
Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases, and more. A security signature issue vulnerability exists in Apache OpenOffice versions prior to 4.1.13, which ste...
CVE-2022-29952
Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols 60005/TCP, 60007/TCP for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration BNMC software. These protocol...
DEBIAN-CVE-2022-26306
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...
CVE-2022-26306
LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...
CVE-2022-34049
An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data...