
485 matches found

Positive Technologies
added 2024/09/11 12:0 a.m. · 3 views

PT-2024-6522 · Rockwell Automation · Rockwell Automation Pavilion8

Name of the Vulnerable Software and Affected Versions: Rockwell Automation Pavilion8 affected versions not specified
Description: The issue is related to insecure privilege management, allowing a threat actor to view sensitive information and change settings due to an incorrect privilege matrix...

CVSS 9.1 · AI score 6.7 · EPSS 0.00452
Exploits 0 · References 8
BDU FSTEC
added 2024/08/26 12:0 a.m. · 5 views

The vulnerability of the Citrix Workspace App for Windows lies in its insecure handling of privileges, allowing an attacker to elevate their privileges to the SYSTEM level.

The vulnerability of the Citrix Workspace App for Windows relates to insecure management of privileges. Exploiting this vulnerability could allow an attacker to elevate their privileges to the SYSTEM level...

CVSS 7.8 · AI score 7.7 · EPSS 0.00386
Exploits 0 · References 3 · Affected Software 1
Positive Technologies
added 2024/08/12 12:0 a.m. · 5 views

PT-2024-9165 · Nextcloud +2 · Nextcloud Enterprise Server +3

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 22.2.11; Nextcloud Server versions prior to 23.0.11; Nextcloud Server versions prior to 24.0.6; Nextcloud Enterprise Server versions prior to 22.2.11; Nextcloud Enterprise Server versions prior to 23.0.11...

CVSS 9.8 · AI score 5.6 · EPSS 0.01041
Exploits 6 · References 93
CNNVD
added 2024/08/06 12:0 a.m. · 5 views

Path traversal vulnerability in multiple GL.iNet products

GL.iNet MT300N-V2 and others are products of China's GL.iNet. GL.iNet MT300N-V2 is a mini router. GL.iNet AR750 is a router. GL.iNet AR300M is a router. A path traversal vulnerability exists in various GL.iNet products, which originates from an insecure privilege in the /cgi-bin/glc interface. Th...

CVSS 9.8 · AI score 6.8 · EPSS 0.20561
Exploits 1 · References 3
BDU FSTEC
added 2024/07/23 12:0 a.m. · 4 views

The vulnerability of the SINEMA Remote Connect VPN service lies in the insecure management of privileges, allowing a malicious actor to create a user with administrator privileges.

The vulnerability of the SINEMA Remote Connect VPN service relates to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to create a user with administrator privileges...

CVSS 9 · AI score 7.2 · EPSS 0.00242
Exploits 0 · References 2
BDU FSTEC
added 2024/07/22 12:0 a.m. · 6 views

The vulnerability of the Brokering File System (BFS) of the Windows operating system, which allows a hacker to increase their privileges

The vulnerability of the Brokering File System BFS in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVSS 7.8 · AI score 7.7 · EPSS 0.00464
Exploits 0 · References 2
Rosalinux
added 2024/07/15 10:11 a.m. · 22 views

Advisory ROSA-SA-2024-2452

software: redis 7.0.14
OS: ROSA-CHROME
packageevrstring: redis-7.0.14-1
CVE-ID: CVE-2023-41053
BDU-ID: 2023-05475
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Redis database management system is related to insecure privilege management. Exploitation of the vulnerability could allow an...

CVSS 3.3 · AI score 4.1 · EPSS 0.0034
Exploits 0
Positive Technologies
added 2024/07/11 12:0 a.m. · 7 views

PT-2024-7934 · Zohocorp · Manageengine Endpoint Central

Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below; Zohocorp ManageEngine EndPoint Central versions 11.3.2428.9 and below
Description: The issue is related to arbitrary file deletion in the agent installed machines due to...

CVSS 7 · AI score 7.4 · EPSS 0.00316
Exploits 0 · References 9
Positive Technologies
added 2024/06/18 12:0 a.m. · 4 views

PT-2024-9958 · Ca · Ca Client Automation

Name of the Vulnerable Software and Affected Versions: CA Client Automation ITCM affected versions not specified
Description: The issue is related to insecure privilege management in the CA Client Automation software, which allows non-admin or non-root users to encrypt strings using the CAF CLI a...

CVSS 8.8 · AI score 6.8 · EPSS 0.00228
Exploits 0 · References 12
Positive Technologies
added 2024/06/12 12:0 a.m. · 9 views

PT-2024-4212 · Palo Alto Networks · Palo Alto Networks Cortex Xdr Agent

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR Agent affected versions not specified
Description: A privilege escalation vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute programs with elevated...

CVSS 7 · AI score 7.4 · EPSS 0.0013
Exploits 0 · References 7
BDU FSTEC
added 2024/05/20 12:0 a.m. · 6 views

The vulnerability of Telit Cinterion modem’s microprogramming software relates to insecure privilege management, allowing attackers to escalate their privileges within the system.

The vulnerability of Telit Cinterion modem’s microprogramming software is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges within the system...

CVSS 7.8 · AI score 7.4 · EPSS 0.00209
Exploits 0 · References 4
BDU FSTEC
added 2024/05/06 12:0 a.m. · 7 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain increased privileges.

The vulnerability of the Core component of the Oracle VM VirtualBox software lies in the insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

CVSS 7.8 · AI score 7.2 · EPSS 0.004
Exploits 0 · References 7 · Affected Software 2
Positive Technologies
added 2024/04/10 12:0 a.m. · 4 views

PT-2024-2989 · Palo Alto Networks · Pan-Os

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS affected versions not specified
Description: The issue is related to insecure privilege management in the GlobalProtect Gateway of the PAN-OS software. It allows an authenticated attacker to impersonate another user...

CVSS 5 · AI score 6.3 · EPSS 0.00349
Exploits 0 · References 5
Positive Technologies
added 2024/04/09 12:0 a.m. · 5 views

PT-2024-4986 · Microsoft · Brokering File System +1

Name of the Vulnerable Software and Affected Versions: Microsoft Brokering File System affected versions not specified
Description: The issue is related to insecure privilege management in the Microsoft Brokering File System, which can be exploited to elevate privileges. This could allow an...

CVSS 7.8 · AI score 8.9 · EPSS 0.00464
Exploits 0 · References 6
Positive Technologies
added 2024/04/09 12:0 a.m. · 6 views

PT-2024-3027 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified
Description: The issue is related to an elevation-of-privilege vulnerability in Windows Storage Services, which is caused by insecure privilege management. This vulnerability can be exploited by an...

CVSS 7.8 · AI score 8.9 · EPSS 0.00582
Exploits 0 · References 8
BDU FSTEC
added 2024/04/02 12:0 a.m. · 8 views

The vulnerability of the PowerScale OneFS operating system, related to insecure privilege management, allows attackers to escalate their privileges.

The vulnerability of the PowerScale OneFS operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

CVSS 6 · AI score 5.5 · EPSS 0.00158
Exploits 0 · References 3 · Affected Software 1
BDU FSTEC
added 2024/03/22 12:0 a.m. · 5 views

The vulnerability of the web interface of the operating system PAN-OS in the centralized network switch management system of Palo Alto Networks Panorama allows a hacker to enhance their privileges.

The vulnerability of the PAN-OS operating system’s web interface in the Palo Alto Networks Panorama network switch management system is related to insecure privilege management. Exploiting this vulnerability allows a malicious actor to enhance their privileges remotely...

CVSS 4.3 · AI score 5.4 · EPSS 0.00563
Exploits 0 · References 4 · Affected Software 1
Positive Technologies
added 2024/03/21 12:0 a.m. · 3 views

PT-2024-4469 · Opentext · Opentext Content Manager

Name of the Vulnerable Software and Affected Versions: OpenText Content Manager affected versions not specified
Description: The issue is related to insecure privilege management in OpenText Content Manager. It allows a remote attacker to elevate privileges or perform arbitrary actions...

CVSS 8.5 · AI score 7.2 · EPSS 0.00377
Exploits 0 · References 9
BDU FSTEC
added 2024/03/13 12:0 a.m. · 8 views

The vulnerability of the application programming interface of the Grafana data visualization web tool allows a perpetrator to gain unauthorized access to limited functions.

The vulnerability of the application programming interface of the Grafana data visualization web tool is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to limited functions...

CVSS 8 · AI score 6.9 · EPSS 0.00802
Exploits 0 · References 4 · Affected Software 2
BDU FSTEC
added 2024/02/22 12:0 a.m. · 5 views

The vulnerability of Kaspersky Endpoint Security’s antivirus protection for Windows relates to the insecure management of privileges, allowing a malicious actor to disable the security modules.

The vulnerability of Kaspersky Endpoint Security’s antivirus protection for Windows relates to the insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to temporarily disable the protection modules during product installation or reinstallation scenarios...

CVSS 3.3 · AI score 5.5
Exploits 0 · References 1 · Affected Software 1