55 matches found
ONLYOFFICE 授权问题漏洞
Ascensio System ONLYOFFICE is an office software from Ascensio System, Latvia. A security vulnerability exists in all versions of ONLYOFFICE prior to 2021-11-08, which stems from being affected by incorrect access control. Due to a weak default URL signature key, it is possible to forge a signed...
WordPress reSmush.it Image Optimizer License Issue Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An authorization issue...
OpenHarmony 授权问题漏洞
OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony-v3.1.2 version and earlier versions, which can be exploited by LAN attackers to bypass distributed privilege control...
WWBN AVideo 授权问题漏洞
WWBN AVideo is a video platform builder written in PHP by the WWBN team. A security vulnerability exists in WWBN AVideo version 11.6, which stems from an incorrect password check in the login function...
Priority Software Priority 授权问题漏洞
Priority Software Priority is an ERP solution from Priority Software, Israel. A security vulnerability exists in Priority Software Priority. An attacker could exploit the vulnerability to verify which users are in the system and which are not...
Jenkins Jianliao Notification Plugin License Issue Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products.Jenkins is an application. Jenkins Plugin is an application that provides hundreds of plugins to support building, deploying, and automating any project. An attacker with overall/read permissions could exploit this vulnerability to...
Remote Desktop License Issue with RDS Per Device CALs
Users might see the following error message. Remote Desktop License IssueThere is a problem with your Remote Desktop License, and your session will be disconnected in 60 minutes. Contact your system administrator to fix this problem Screenshot: It occurs when VDA uses RDS Per Device CALs, User...
Microsoft Windows App Store 权限许可和访问控制问题漏洞
Microsoft Windows App Store is an application store for downloading software from Microsoft Corporation USA. A vulnerability exists in the Microsoft Windows App Store with privilege license and access control issues. The following products and editions are affected: Windows 10 Version 20H2 for...
Jetbrains JetBrains IntelliJ IDEA 权限许可和访问控制问题漏洞
Jetbrains JetBrains IntelliJ IDEA is a suite of integrated development environments for the Java language from the Czech company JetBrains Jetbrains. IntelliJ IDEA suffers from a privilege license and access control issue vulnerability that stems from the application not properly imposing securit...
Hillrom Welch Allyn CardioProducts 授权问题漏洞
Hillrom Welch Allyn CardioProducts is a comprehensive cardiopulmonary data management system from Hillrom USA that works the way you do, allowing you to transform any computer or laptop into an efficient diagnostic solution. A security vulnerability exists in Hillrom Welch Allyn CardioProducts,...
ShinHer StudyOnline System License Issue Vulnerability
ShinHer StudyOnline System is a school administration system from ShinHer, China. " feature is not controlled by permissions. An attacker could use this vulnerability to access other users' message board content by setting URL parameters after logging in with user privileges...
Emlog Authorization Issues Vulnerabilities
Emlog is a PHP and MySQL based CMS builder for Emlog personal developers. A license issue vulnerability exists in Emlog, which stems from the product's lack of an effective restriction added to the admin/plugin.php file deletion feature. An attacker can exploit this vulnerability to delete...
Microsoft Win32k 权限许可和访问控制问题漏洞
Microsoft Win32k is a system file for Windows multi-user administration by Microsoft Corporation USA. Microsoft Windows Win32K is vulnerable to privilege license and access control issues. The following products and editions are affected:Windows 10 Version 21H1 for x64-based Systems,Windows 10...
Emlog 授权问题漏洞
Emlog is a PHP and MySQL based CMS builder for Emlog personal developers. A license issue vulnerability exists in Emlog, which stems from the product's lack of an effective restriction added to the admin/plugin.php file deletion feature. An attacker can exploit this vulnerability to delete...
Tenable Network Security Nessus 权限许可和访问控制问题漏洞
Tenable Network Security Nessus is an open source system vulnerability scanner from Tenable Network Security, USA. A security vulnerability exists in Nessus Agent 8.2.4 and earlier versions on Windows systems that allows authenticated local administrators to run specific Windows executables as a...
LabCup 授权问题漏洞
LabCup is a laboratory and research organization software management system from LabCup Ireland. It helps academic researchers and safety officers with chemical inventory management, risk assessment and compliance. An authorization issue vulnerability exists in LabCup, which arises from the abili...
SIEMENS DIGSI 4 Privilege License and Access Control Issues Vulnerability
SIEMENS DIGSI 4 is a driver from SIEMENS USA. Provides device driver functionality. A privilege license and access control issue vulnerability exists in SIEMENS DIGSI 4. The vulnerability stems from the fact that several folders in \%PATH\% can be written to by a normal user, and can be exploited...
Siemens Simatic Hmi License Issue Vulnerability
Siemens Simatic Hmi is a device from Siemens Germany that provides human-computer interaction for industrial automation equipment. Siemens Simatic Hmi has an authorization issue vulnerability that can be exploited by an attacker to run code via an unauthenticated Telnet exploit use...
Microsoft Windows splwow64 License Issue Vulnerability
Microsoft Windows splwow64 is a printing-related program on Windows systems from Microsoft Corporation USA. Microsoft splwow64 suffers from a License Issue vulnerability, for which no information is available at this time, please stay tuned to CNNVD or the vendor's announcement. The following...
Microsoft Windows Licensing Issues Vulnerabilities
Microsoft Windows is an operating system for personal devices from Microsoft Corporation. There is a license issue vulnerability in Microsoft Windows, no information about this vulnerability is available at this time, please stay tuned to CNNVD or vendor announcements. The following products and...