Lucene search
K

869 matches found

Prion
Prion
added 2022/10/07 3:15 p.m.16 views

Improper access control

Improper access control in mumcontainerpolicy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data...

1.7CVSS4.1AI score0.00081EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/07 12:0 a.m.17 views

CVE-2022-39849

Improper access control in knoxvpnpolicy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data...

4.2AI score0.00081EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/10/07 12:0 a.m.3 views

PT-2022-25038 · Samsung · Knox Vpn Policy

Name of the Vulnerable Software and Affected Versions: knox vpn policy versions prior to SMR Oct-2022 Release 1 Description: The issue is related to improper access control in the knox vpn policy service, which allows unauthorized read access to configuration data. Recommendations: For versions...

3.3CVSS3.8AI score0.00081EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/07 12:0 a.m.3 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Oct-2022 Release 1 version, which stems from incorrect access control in the knoxvpnpoli...

3.3CVSS4.9AI score0.00081EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/07 12:0 a.m.19 views

CVE-2022-39850

Improper access control in mumcontainerpolicy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data...

4.2AI score0.00081EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/07 12:0 a.m.2 views

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Oct-2022 Release 1 version, which stems from incorrect access control in the...

3.3CVSS4.9AI score0.00081EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2022/10/06 1:28 p.m.62 views

USN-5661-1: LibreOffice vulnerabilities

It was discovered that LibreOffice incorrectly validated macro signatures. If a user were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary macros. CVE-2022-26305 It was discovered that Libreoffice incorrectly handled encryptin...

8.8CVSS7.9AI score0.0113EPSS
Exploits0
CNVD
CNVD
added 2022/09/30 12:0 a.m.16 views

Dell SmartFabric OS10 Trust Management Issue Vulnerability

Dell Networking OS10 is a Linux-based network switch operating system from Dell DELL. A security vulnerability exists in Support Assist in Dell Networking OS10 version 10.5.3.4. An unauthenticated, remote attacker could exploit this vulnerability to access limited switch configuration data and...

3.7CVSS4.2AI score0.00349EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/09/14 12:0 a.m.6 views

PT-2022-7401 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 10.0.3 Description: The issue concerns the exposure of private information defined in the setup of GLPI, such as smtp or cas hosts, to unauthorized individuals. This exposure can be exploited remotely, allowing attacker...

10CVSS6.3AI score0.99628EPSS
Exploits40References205
ATTACKERKB
ATTACKERKB
added 2022/09/13 10:15 p.m.2 views

CVE-2022-35413

WAPPLES through 6.0 has a hardcoded systemi account. A threat actor could use this account to access the system configuration and confidential information such as SSL keys via an HTTPS request to the /webapi/ URI on port 443 or 5001...

9.8CVSS7.3AI score0.12476EPSS
Exploits0References6
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/08 12:26 a.m.72 views

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 8.5.5.5

Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server 8.5.5.5, IBM WebSphere Application Server Hypervisor 8.5.5.5 and IBM HTTP Server 8.5.5.5 Vulnerability Details CVEID:CVE-2015-0174APAR PI21072 DESCRIPTION: IBM WebSphere Application Server using SNM...

9.3CVSS4.2AI score0.99999EPSS
Exploits7Affected Software3
IBM Security Bulletins
IBM Security Bulletins
added 2022/09/08 12:26 a.m.80 views

Security Bulletin: Potential Security Vulnerabilities fixed in IBM WebSphere Application Server 7.0.0.35

Summary Cross reference list for security vulnerabilites fixed in IBM WebSphere Application Server 7.0.0.35, IBM WebSphere Application Server Hypervisor 7.0.0.35 and IBM HTTP Server 7.0.0.35. Vulnerability Details CVE ID:CVE-2014-3021 APAR PI08268 DESCRIPTION: IBM WebSphere Application Server cou...

6.8CVSS6.4AI score0.85744EPSS
Exploits7Affected Software3
ATTACKERKB
ATTACKERKB
added 2022/08/26 4:15 p.m.3 views

CVE-2022-25625

A malicious unauthorized PAM user can access the administration configuration data and change the values...

8.8CVSS5.3AI score0.00728EPSS
Exploits0References2
OSV
OSV
added 2022/08/26 4:15 p.m.2 views

CVE-2022-25625

A malicious unauthorized PAM user can access the administration configuration data and change the values...

8.8CVSS5.8AI score0.00728EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/08/26 12:0 a.m.3 views

PT-2022-17417 · Broadcom · Symantec Privileged Access Management

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned. Description: A malicious unauthorized PAM user can access the administration configuration data and change the values. Recommendations: At the moment, there is no information about a newer versi...

8.8CVSS8.6AI score0.00728EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/08/15 12:0 a.m.2 views

Apache OpenOffice 安全特征问题特征问题漏洞

Apache OpenOffice is an open source office software suite from the U.S. Apache Apache Foundation. The suite contains text documents, spreadsheets, presentations, drawings, databases, and more. A security signature issue vulnerability exists in Apache OpenOffice versions prior to 4.1.13, which ste...

8.8CVSS7.8AI score0.0082EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2022/07/26 10:15 p.m.2 views

CVE-2022-29952

Bently Nevada condition monitoring equipment through 2022-04-29 mishandles authentication. It utilizes the TDI command and data protocols 60005/TCP, 60007/TCP for communications between the monitoring controller and System 1 and/or Bently Nevada Monitor Configuration BNMC software. These protocol...

9.1CVSS7.2AI score0.00863EPSS
Exploits0References3
OSV
OSV
added 2022/07/25 3:15 p.m.1 views

DEBIAN-CVE-2022-26306

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...

7.5CVSS7.8AI score0.00798EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2022/07/25 12:0 a.m.42 views

CVE-2022-26306

LibreOffice supports the storage of passwords for web connections in the user’s configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in LibreOffice existed where the required initialization vector for encryption was always the same which...

7.5CVSS7.6AI score0.00798EPSS
Exploits0
OSV
OSV
added 2022/07/20 5:15 p.m.3 views

CVE-2022-34049

An access control issue in Wavlink WN530HG4 M30HG4.V5030.191116 allows unauthenticated attackers to download log files and configuration data...

5.3CVSS5.8AI score0.02176EPSS
Exploits1References2
Rows per page
Query Builder