74 matches found
The vulnerability of the Windows Setup application installation process allows a hacker to exploit their privileges.
The vulnerability of the Windows Setup application’s installation service is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of software for configuring devices and monitoring SoMove metrics, related to errors in using standard permissions, allows a perpetrator to increase their privileges.
The vulnerability of software for configuring devices and monitoring SoMove metrics is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to enhance their privileges...
The vulnerability of the software for general access to openstack-manila files, related to errors in using standard permissions, allows a perpetrator to gain unauthorized access to common files.
The vulnerability of the openstack-manila software for general access to files is related to errors in the use of standard permissions. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to common files, provided that the value of the UUID...
The vulnerability of Firefox browsers, related to errors in permission settings, allows attackers to gain access to confidential data and compromise its integrity.
The vulnerability of Firefox browsers is related to errors in permission settings. Exploiting this vulnerability can allow a remote attacker to access confidential data and compromise its integrity...
The vulnerability of the libzypp library in software developed for the SUSE CaaS Platform and SUSE Linux Enterprise Server allows a perpetrator to gain unauthorized access to information.
The vulnerability of the libzypp library in SUSE CaaS Platform and SUSE Linux Enterprise Server software is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to gain unauthorized access to information...
The vulnerability of the baseURI component in browsers such as Firefox ESR, Firefox, and the email client Thunderbird allows attackers to influence the integrity of protected information.
The vulnerability of the baseURI component in browsers such as Firefox ESR, Firefox, and the email client Thunderbird is related to permission handling errors. Exploiting this vulnerability can allow a malicious actor to influence the integrity of protected information from a remote location...
The vulnerability of the Web interface of the Cisco Data Center Network Manager system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Web interface of the Cisco Data Center Network Manager DCNM system is related to errors in permission processing. Exploiting this vulnerability could allow a malicious actor to gain access to the protected files of the vulnerable device remotely...
Target Credential Issues by Authentication Protocol - No Issues Found
Valid credentials were provided for an authentication protocol on the remote target and Nessus did not log any subsequent errors or failures for the authentication protocol. When possible, Nessus tracks errors or failures related to otherwise valid credentials in order to highlight issues that ma...
CVE-2016-10086
RESTful web services in CA Service Desk Manager 12.9 and CA Service Desk Management 14.1 might allow remote authenticated users to read or modify task information by leveraging incorrect permissions applied to a RESTful request...
Users getting "XSRF Security Token Missing" when Creating Issues
When trying to use our JIRA instance we keep getting lots of permissions errors which makes JIRA very difficult to use. If we keep trying then eventually it works. This has been happening for about the last week or so. It's very annoying as you keep having to enter the issues of the JIRA you're...
Users getting "XSRF Security Token Missing" when Creating Issues
When trying to use our JIRA instance we keep getting lots of permissions errors which makes JIRA very difficult to use. If we keep trying then eventually it works. This has been happening for about the last week or so. It's very annoying as you keep having to enter the issues of the JIRA you're...
Moderate: Red Hat Security Advisory: openstack-swift security and bug fix update
Updated openstack-swift packages that fix one security issue and one bug are now available for Red Hat OpenStack 3.0 Grizzly Preview. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a...
[CVE-REQUEST] Plone XSS and permission errors
Hello all, As a member of the Plone security response team I hereby notify you that we have been made aware of three distinct security holes in Plone and are requesting CVE identifiers. 1. Reflected XSS attack A crafted URL can display arbitrary HTML output 2. Persistent XSS attack Certain valid...
Dovecot mail_extra_groups setting is often used insecurely
mailextragroups=mail setting is often used insecurely to give Dovecot access to create dotlocks to /var/mail directory. If you don't use mboxes in /var/mail, make sure this setting is cleared. If you do use /var/mail mboxes and Dovecot gives permission errors without it, do one of the following i...