IBM Security Directory Suite VA Information Disclosure Vulnerability

IBM Security Directory Suite is a scalable, standards-based identity platform from International Business Machines IBM that simplifies identity and directory management. An information disclosure vulnerability exists in IBM Security Directory Suite VA, which could be exploited by an attacker to...

Siemens SICAM Q200 Privilege Assignment Error Vulnerability

The SICAM Q200 is a multifunctional device for detecting, reporting and analyzing measured values and events. A privilege assignment error vulnerability exists in the Siemens SICAM Q200, which can be exploited by an attacker to impersonate a legitimate application user...

Siemens POWER METER SICAM 安全漏洞

The SICAM Q200 is a multifunctional device for detecting, reporting and analyzing measured values and events. A privilege assignment error vulnerability exists in the Siemens SICAM Q200, which can be exploited by an attacker to impersonate a legitimate application user...

CVE-2023-2485 Incorrect Privilege Assignment in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 14.1 before 15.10.8, all versions starting from 15.11 before 15.11.7, all versions starting from 16.0 before 16.0.2. A malicious maintainer in a project can escalate other users to Owners in that project if they...

The vulnerability of the microprogrammed software of the wireless VoIP router ICOM SR-7100VN, related to improper privilege assignment, allows a hacker to elevate their privileges.

The vulnerability of the microprogrammed software of the wireless VoIP router ICOM SR-7100VN is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : go1.18-openssl (SUSE-SU-2023:2312-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2312-1 advisory. - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before G...

The vulnerability of the /etc/init.d/openfire file in the PBX server of the corporate IP telephony management system CoreDial sipXcom sipXopenfire allows a attacker to escalate their privileges or execute arbitrary commands.

The vulnerability of the /etc/init.d/openfire file in the CoreDial sipXcom sipXopenfire server of the corporate IP-telephony management system is related to improper privilege assignment. Exploiting this vulnerability could allow an attacker to enhance their privileges or execute arbitrary comman...

Fortinet FortiClientWindows 安全漏洞

Fortinet FortiClientWindows is a Windows-based mobile endpoint security solution from Fortinet. The solution provides IPsec and SSL encryption, WAN optimization, endpoint compliance and two-factor authentication when connected to a FortiGate firewall appliance. Fortinet FortiClientWindows has an...

Amazon Linux 2023 : compat-golang-github-cpuguy83-md2man-2-devel, golang-github-cpuguy83-md2man, golang-github-cpuguy83-md2man-devel (ALAS2023-2023-047)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-047 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

Amazon Linux 2023 : golist (ALAS2023-2023-046)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-046 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2023-048)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-048 advisory. A vulnerability was found in archive/zip of the Go standard library. Applications written in Go can panic or potentially exhaust system memory when parsing malformed ZIP files. CVE-2021-33196 A...

CVE-2022-48284

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions...

CVE-2022-48284

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions...

CVE-2022-48283

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions...

CVE-2022-48283

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions...

CVE-2022-48283

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions...

CVE-2022-48284

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions...

CVE-2022-48283

CVE-2022-48283 concerns Huawei’s whole-home intelligence software with an Incorrect Privilege Assignment vulnerability. The available sources state that exploitation could allow attackers to access restricted functions, implying a potentially high impact on confidentiality, integrity, and availab...

CVE-2022-48284

CVE-2022-48284 affects Huawei’s whole-home intelligence software (Huawei HiLink AI Life) with an Incorrect Privilege Assignment vulnerability in authorization/privilege handling. Root cause is a permission assignment error that can allow an attacker to access restricted functions. Documented impa...

CVE-2022-48284

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions...