1219 matches found
CVE-2024-37132
Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an incorrect privilege assignment vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Denial of service and Elevation of privileges...
CVE-2024-37132
Dell PowerScale OneFS
The vulnerability of the Anti-Malware Service component of VIPRE Advanced Security software allows a hacker to increase their privileges.
The vulnerability of the Anti-Malware Service component in VIPRE Advanced Security software is related to improper privilege assignment. Exploiting this vulnerability allows attackers to enhance their privileges and circumvent security restrictions...
CVE-2024-31912
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. IBM X-Force ID: 289894...
CVE-2024-31912 IBM MQ privilege escalation
IBM MQ 9.3 LTS and 9.3 CD could allow an authenticated user to escalate their privileges under certain configurations due to incorrect privilege assignment. IBM X-Force ID: 289894...
The vulnerability of the NVIDIA Virtual GPU Manager driver, which allows a hacker to elevate their privileges or cause service interruptions.
The vulnerability of the NVIDIA Virtual GPU Manager driver relates to the improper assignment of privileges. Exploiting this vulnerability allows an attacker to enhance their privileges or cause service interruptions...
The vulnerability of the XWiki platform, which is related to incorrect privilege assignment, allows a perpetrator to execute arbitrary code.
The XWiki platform has a vulnerability related to incorrect privilege assignment. Exploiting this vulnerability allows an attacker to execute arbitrary code remotely...
VulnCheck KEV: CVE-2024-35700
Incorrect Privilege Assignment vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through = 5.1.8...
Siemens SIMATIC RTLS Locating Manager Incorrectly Assigns Critical Resource Privileges Vulnerability
SIMATIC RTLS Locating Manager is used to configure, operate and maintain the SIMATIC RTLS unit, a real-time wireless positioning system that provides locating solutions. Siemens SIMATIC RTLS Locating Manager suffers from an incorrect assignment of critical resource privileges vulnerability, which...
Security Bulletin: IBM Storage Fusion HCI is vulnerable to denial of service, authentication bypass, and incorrect privilege assignment due to Golang vulnerabilities.
Summary IBM Storage Fusion HCI uses Golang packages that may cause Fusion to be vulnerable to denial of service, authentication bypass, and incorrect privilege assignment. CVE-2018-20699, CVE-2023-48795, CVE-2022-21698, CVE-2021-41190, CVE-2023-39325, CVE-2022-29526, CVE-2023-45288. Vulnerability...
RHEL 8 : golang (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - golang: crypto/elliptic: incorrect operations on the P-224 curve CVE-2021-3114 - golang: html/template:...
Fedora 40 : chisel (2023-b29031a7aa)
The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-b29031a7aa advisory. Automatic update for chisel-1.9.0-1.fc40. Changelog Sun Aug 20 2023 Filipe Rosset - 1.9.0-1 - Update to 1.9.0 fixes rhbz2113146 rhbz2163065...
GHSA-R76G-G87F-VW8F Kubelet Incorrect Privilege Assignment
In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 root on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the container as root. ...
Kubelet Incorrect Privilege Assignment
In kubelet v1.13.6 and v1.14.2, containers for pods that do not specify an explicit runAsUser attempt to run as uid 0 root on container restart, or if the image was previously pulled to the node. If the pod specified mustRunAsNonRoot: true, the kubelet will refuse to start the container as root. ...
VulnCheck KEV: CVE-2024-32959
Incorrect Privilege Assignment vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through = 7.2.2...
The vulnerability in the set of VMware Tools relates to improper privilege assignment, allowing a malicious actor to circumvent existing security restrictions.
The vulnerability of the VMware Tools set is related to the vulnerability of handling the file descriptor in the vmware-user-suid-wrapper layer. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions remotely...
BIT-GOLANG-2022-29526
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...
The vulnerability of Fortify ScanCentral DAST, a web application security scanner, relates to improper privilege assignment, allowing attackers to elevate their privileges.
The vulnerability of Fortify ScanCentral DAST, a security scanner for web applications, is related to improper privilege assignment. Exploiting this vulnerability can allow an attacker, operating remotely, to increase their privileges...
CVE-2023-6815
Incorrect Privilege Assignment vulnerability in Mitsubishi Electric Corporation MELSEC iQ-R Series Safety CPU R08/16/32/120SFCPU all versions and MELSEC iQ-R Series SIL2 Process CPU R08/16/32/120PSFCPU all versions allows a remote authenticated attacker who has logged into the product as a...
Mitsubishi Electric MELSEC iQ-R Series Safety CPU and SIL2 Process CPU (Update A)
View CSAF 1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION : Exploitable remotely/low attack complexity Vendor : Mitsubishi Electric Equipment : MELSEC iQ-R Series Safety CPU and SIL2 Process CPU Vulnerability : Incorrect Privilege Assignment 2. RISK EVALUATION Successful exploitation of this...