485 matches found
PT-2024-6522 · Rockwell Automation · Rockwell Automation Pavilion8
Name of the Vulnerable Software and Affected Versions: Rockwell Automation Pavilion8 affected versions not specified Description: The issue is related to insecure privilege management, allowing a threat actor to view sensitive information and change settings due to an incorrect privilege matrix...
The vulnerability of the Citrix Workspace App for Windows lies in its insecure handling of privileges, allowing an attacker to elevate their privileges to the SYSTEM level.
The vulnerability of the Citrix Workspace App for Windows relates to insecure management of privileges. Exploiting this vulnerability could allow an attacker to elevate their privileges to the SYSTEM level...
PT-2024-9165 · Nextcloud +2 · Nextcloud Enterprise Server +3
Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 22.2.11 Nextcloud Server versions prior to 23.0.11 Nextcloud Server versions prior to 24.0.6 Nextcloud Enterprise Server versions prior to 22.2.11 Nextcloud Enterprise Server versions prior to 23.0.11...
GL.iNet multiple products path traversal vulnerability
GL.iNet MT300N-V2 and others are products of China's GL.iNet. GL.iNet MT300N-V2 is a mini router. GL.iNet AR750 is a router. GL.iNet AR300M is a router. A path traversal vulnerability exists in various GL.iNet products, which originates from an insecure privilege in the /cgi-bin/glc interface. Th...
The vulnerability of the SINEMA Remote Connect VPN service lies in the insecure management of privileges, allowing a malicious actor to create a user with administrator privileges.
The vulnerability of the SINEMA Remote Connect VPN service relates to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to create a user with administrator privileges...
A vulnerability in the Brokering File System (BFS) of the Windows operating system allows an attacker to escalate their privileges.
The vulnerability in the Brokering File System (BFS) of the Windows operating system is related to insecure privilege management. Exploiting this vulnerability can allow an attacker to escalate their privileges...
Advisory ROSA-SA-2024-2452
software: redis 7.0.14 OS: ROSA-CHROME packageevrstring: redis-7.0.14-1 CVE-ID: CVE-2023-41053 BDU-ID: 2023-05475 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the Redis database management system is related to insecure privilege management. Exploitation of the vulnerability could allow an...
PT-2024-7934 · Zohocorp · ManageEngine Endpoint Central
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine EndPoint Central versions 11.3.2416.21 and below Zohocorp ManageEngine EndPoint Central versions 11.3.2428.9 and below Description: The issue is related to arbitrary file deletion in the agent installed machines due to...
PT-2024-9958 · CA · CA Client Automation
Name of the Vulnerable Software and Affected Versions: CA Client Automation ITCM affected versions not specified Description: The issue is related to insecure privilege management in the CA Client Automation software, which allows non-admin or non-root users to encrypt strings using the CAF CLI a...
PT-2024-4212 · Palo Alto Networks · Palo Alto Networks Cortex XDR Agent
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks Cortex XDR Agent affected versions not specified Description: A privilege escalation vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute programs with elevated...
The vulnerability in Telit Cinterion modem firmware relates to insecure privilege management, allowing attackers to escalate their privileges within the system.
The vulnerability in Telit Cinterion modem firmware is related to insecure privilege management. Exploiting this vulnerability can allow attackers to escalate their privileges within the system...
A vulnerability in the Core component of the Oracle VM VirtualBox software allows an attacker to gain elevated privileges.
The vulnerability in the Core component of the Oracle VM VirtualBox software lies in insecure privilege management. Exploiting this vulnerability can allow an attacker to escalate their privileges...
PT-2024-2989 · Palo Alto Networks · PAN-OS
Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS affected versions not specified Description: The issue is related to insecure privilege management in the GlobalProtect Gateway of the PAN-OS software. It allows an authenticated attacker to impersonate another user...
PT-2024-4986 · Microsoft · Brokering File System +1
Name of the Vulnerable Software and Affected Versions: Microsoft Brokering File System affected versions not specified Description: The issue is related to insecure privilege management in the Microsoft Brokering File System, which can be exploited to elevate privileges. This could allow an...
PT-2024-3027 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to an elevation-of-privilege vulnerability in Windows Storage Services, which is caused by insecure privilege management. This vulnerability can be exploited by an...
The vulnerability in the PowerScale OneFS operating system, related to insecure privilege management, allows attackers to escalate their privileges.
The vulnerability in the PowerScale OneFS operating system is related to insecure privilege management. Exploiting this vulnerability can allow an attacker to escalate their privileges...
A vulnerability in the PAN-OS web interface of the Palo Alto Networks Panorama centralized network switch management system allows an attacker to escalate their privileges.
The vulnerability in the PAN-OS web interface of the Palo Alto Networks Panorama network switch management system is related to insecure privilege management. Exploiting this vulnerability allows a malicious actor to escalate their privileges remotely...
PT-2024-4469 · OpenText · OpenText Content Manager
Name of the Vulnerable Software and Affected Versions: OpenText Content Manager affected versions not specified Description: The issue is related to insecure privilege management in OpenText Content Manager. It allows a remote attacker to elevate privileges or perform arbitrary actions...
A vulnerability in the application programming interface of the Grafana data visualization web tool allows an attacker to gain unauthorized access to limited functions.
The vulnerability in the application programming interface of the Grafana data visualization web tool is related to insecure privilege management. Exploiting this vulnerability could allow a remote attacker to gain unauthorized access to limited functions...
The vulnerability of Kaspersky Endpoint Security’s antivirus protection for Windows relates to the insecure management of privileges, allowing a malicious actor to disable the security modules.
The vulnerability of Kaspersky Endpoint Security’s antivirus protection for Windows relates to the insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to temporarily disable the protection modules during product installation or reinstallation scenarios...