212 matches found
CVE-2024-38496 Symantec Privileged Access Manager Insecure Direct Object Reference vulnerability
The vulnerability allows a malicious low-privileged PAM user to access information about other PAM users and their group memberships...
CVE-2022-48732 drm/nouveau: fix off by one in BIOS boundary checking
In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS reject access to the last byte. This causes driver initialization to fail on Apple eMac's with GeForce 2 MX GPUs...
Intel idxd 安全漏洞
Intel idxd is a driver from Intel Corporation USA. A security vulnerability exists in Intel idxd that stems from a potential security issue with hardware errata allowing untrusted applications direct access...
CVE-2024-2441
CVE-2024-2441 (VikBooking plugin) : The VikBooking Hotel Booking Engine & PMS for WordPress (before 1.6.8) suffers an insecure direct object reference (IDOR) flaw in its access control, allowing an authenticated user with subscriber privileges or higher to directly access menus and plugin setting...
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link - Authentication Bypass
Elber Reble610 M/ODU XPIC IP-ASI-SDH Microwave Link Authentication Bypass Vendor: Elber S.r.l. Product web page: https://www.elber.it Affected version: 0.01 Revision 0 Summary: The REBLE610 features an accurate hardware design, absence of internal cabling and full modularity. The unit is composed...
Scalable Vector Graphics (SVG) <= 3.4 - Author+ Stored XSS via SVG
Description The plugin does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. Upload an SVG with the following code: alert"xss"; Access the uploaded file directly to see the XSS...
CVE-2024-0842
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.5. This is due to direct access of the backuply/restoreins.php file and. This makes it possible for unauthenticated attackers to make excessive...
CVE-2024-0842 Backuply - Backup, Restore, Migrate and Clone <= 1.2.6 - Denial of Service
The Backuply – Backup, Restore, Migrate and Clone plugin for WordPress is vulnerable to Denial of Service in all versions up to, and including, 1.2.6. This is due to direct access of the backuply/restoreins.php file and. This makes it possible for unauthenticated attackers to make excessive...
WordPress Plugin Backuply Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...
Add SVG Support for Media Uploader | inventivo <= 1.0.5 - Author+ Stored XSS via SVG
Description The plugin does not sanitize uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads. Upload an SVG with the following code: alert"xss"; Access the uploaded file directly to see the XSS...
CVE-2023-5090 Kernel: kvm: svm: improper check in svm_set_x2apic_msr_interception allows direct access to host x2apic msrs
A flaw was found in KVM. An improper check in svmsetx2apicmsrinterception may allow direct access to host x2apic msrs when the guest resets its apic, potentially leading to a denial of service condition...
CVE-2023-43271
Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete the video files of the driving recorder through ftp and other protocols...
PT-2023-28754 · 70Mai · 70Mai A500S
Name of the Vulnerable Software and Affected Versions: 70mai a500s version 1.2.119 Description: The issue is related to incorrect access control, allowing attackers to directly access and delete video files of the driving recorder through ftp and other protocols. Recommendations: For version...
WordPress plugin Super Store Finder security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...
GHSA-J2R7-3RVW-G7GX Apache Pulsar Broker's Rest Producer vulnerable to Incorrect Authorization
Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar Broker's Rest Producer allows authenticated user with a custom HTTP header to produce a message to any topic using the broker's admin role. This issue affects Apache Pulsar Brokers: from 2.9.0 through 2.9.5, from...
GHSA-5CC8-PGP5-7MPM Keycloak Untrusted Certificate Validation vulnerability
A flaw was found in keycloak-core. This flaw considers the scenario when using X509 Client Certificate Authenticatior with the option "Revalidate Client Certificate". A user may be able to choose, if directly connect to keycloak not passing via reverse proxy a specific certificate. If there's a...
TeslaMate 信息泄露漏洞
TeslaMate is an open source project, a self-hosted data logger for Tesla. A security vulnerability exists in TeslaMate version v1.27.1, which stems from a vulnerability that allows an attacker to obtain sensitive information by directly accessing the teslamate link...
CVE-2023-29857
An issue in Teslamate v1.27.1 allows attackers to obtain sensitive information via directly accessing the teslamate link...
Evasys 安全漏洞
Evasys is a platform for fully automated surveys and exam solutions for online, paper-based and mixed use from Evasys Germany. A security vulnerability exists in Evasys versions prior to v8.2 Build 2286 and v9.x prior to v9.0 Build 2401, which stems from a vulnerability in multiple components tha...
CVE-2023-31435
Multiple components such as Onlinetemplate-Verwaltung, Liste aller Teilbereiche, Umfragen anzeigen, and questionnaire previews in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow authenticated attackers to read and write to unauthorized data by accessing functions directly...