Lucene search
K

132 matches found

Cvelist
Cvelist
added 2018/07/10 2:0 p.m.24 views

CVE-2018-9853

Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server...

9.4AI score0.01287EPSS
Exploits0References1
CVE
CVE
added 2018/07/10 2:0 p.m.50 views

CVE-2018-9853

CVE-2018-9853 affects freeSSHd version 1.3.1. The root cause is insecure access control that lets an attacker log in to an unprivileged account and escalate to the privileges of the freesshd.exe process. This yields a high to critical impact in practice, as indicated by the CVSS metrics (high con...

9.8CVSS9.2AI score0.01287EPSS
Exploits0References1Affected Software1
Openbugbounty
Openbugbounty
added 2018/06/15 8:17 p.m.9 views

bezak.umms.med.umich.edu Improper Access Control vulnerability

Open Bug Bounty ID: OBB-632920 Description| Value ---|--- Affected Website:| bezak.umms.med.umich.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

0.1AI score
Exploits0
Openbugbounty
Openbugbounty
added 2018/06/06 8:7 p.m.12 views

sites.lsa.umich.edu Improper Access Control vulnerability

Open Bug Bounty ID: OBB-628086 Description| Value ---|--- Affected Website:| sites.lsa.umich.edu Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Wordpress Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

0.2AI score
Exploits0
CNVD
CNVD
added 2015/05/27 12:0 a.m.3 views

Multiple Remote Vulnerabilities in Apache HBase

Apache HBase is a database for online services with native support for Hadoop, making it an obvious choice for applications that base their data processing on the scalability and flexibility of Hadoop. HBase versions 0.98.0 - 0.98.12, 1.0.0 - 1.0.1, and 1.1.0 have logic errors that can be handled...

7.5CVSS6.7AI score0.07425EPSS
Exploits0References1
seebug.org
seebug.org
added 2010/05/21 12:0 a.m.21 views

McAfee Email Gateway systemWebAdminConfig.do不安全访问控制漏洞

BUGTRAQ ID: 40255 McAfee Email Gateway之前名为IronMail,是企业级的硬件邮件网关和管理平台。 McAfee Email Gateway的systemWebAdminConfig.do配置文件没有执行正确的权限检查,拥有只读权限的Web Access用户可以通过在服务器响应的Form字段中添加HTML代码或发送特制POST请求执行写权限操作。 0 McAfee Email Gateway 6.7.1 厂商补丁: McAfee ------ 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:...

6.9AI score
Exploits0
Positive Technologies
Positive Technologies
added 2006/03/24 12:0 a.m.4 views

PT-2006-2389 · Trend Micro · Trend Micro Interscan Messaging Security Suite

Name of the Vulnerable Software and Affected Versions: Trend Micro InterScan Messaging Security Suite versions prior to 5.7.0.1121 Description: The issue concerns the ISNTSmtp directory in Trend Micro InterScan Messaging Security Suite, which uses insecure DACLs for critical files. This allows...

7.2CVSS6.6AI score0.00359EPSS
Exploits0References6
Cvelist
Cvelist
added 2005/05/19 4:0 a.m.15 views

CVE-2003-1213

The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb...

6.2AI score0.02773EPSS
Exploits1References4
NVD
NVD
added 2003/12/31 5:0 a.m.26 views

CVE-2003-1133

Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts with insecure ACLs, which allows local users to read other users' email messages...

2.1CVSS6.2AI score0.00442EPSS
Exploits1References4
NVD
NVD
added 2002/12/31 5:0 a.m.16 views

CVE-2002-2324

The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list ACL permissions, which allows local users to access restricted files and modify registry settings...

7.2CVSS6.4AI score0.01772EPSS
Exploits1References3
exploitpack
exploitpack
added 2002/08/10 12:0 a.m.22 views

Midicart ASP - Remote Customer Information Retrieval

Midicart ASP - Remote Customer Information Retrieval source: https://www.securityfocus.com/bid/5438/info Midicart ASP is a commercially available e-commerce solution distributed by Coxco Support. It is available for the Microsoft Windows operating system. The default installation of Midicart ASP...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.26 views

CVE-2002-0066

Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges...

6.9AI score0.01635EPSS
Exploits0References3
Rows per page
Query Builder