Lucene search
K

104 matches found

BDU FSTEC
BDU FSTEC
added 2022/07/08 12:0 a.m.8 views

Vulnerability in the Jupiter Theme and JupiterX Core plugins of the WordPress content management system, allowing attackers to increase their privileges

The vulnerability in the Jupiter Theme and JupiterX Core plugins of the WordPress content management system is related to insecure handling of privileges. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

10CVSS7.5AI score0.01498EPSS
Exploits1References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/05/05 12:0 a.m.8 views

The vulnerability of the Bind Filter Driver for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Bind Filter Driver for Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.00456EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/05/05 12:0 a.m.7 views

The vulnerability of the Log4j Java logging library lies in its insecure handling of privileges, allowing attackers to escalate their privileges.

The vulnerability of the Log4j Java logging library lies in the insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

8.8CVSS7.8AI score0.00361EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2022/05/04 2:15 p.m.3 views

CVE-2022-25782

Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7...

5.4CVSS6.1AI score0.00466EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/05/04 2:15 p.m.2 views

CVE-2022-25782

Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7...

5.5CVSS6.1AI score0.00466EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2022/03/16 12:0 a.m.9 views

The vulnerability of the Windows Common Log File System Driver in the Windows operating system allows a hacker to gain increased privileges.

The vulnerability of the Windows Common Log File System Driver in the operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.4AI score0.03072EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2022/03/09 12:0 a.m.10 views

The vulnerability of the Cryptographic Services in the Microsoft Windows operating system allows a perpetrator to enhance their privileges.

The vulnerability of the Cryptographic Services in the Microsoft Windows operating system is related to the insecure management of privileges. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS7.3AI score0.00669EPSS
Exploits0References3
OSV
OSV
added 2022/03/04 1:51 p.m.9 views

SUSE-SU-2022:0735-1 Security update for zsh

This update for zsh fixes the following issues: - CVE-2021-45444: Fixed a vulnerability where arbitrary shell commands could be executed related to prompt expansion bsc1196435. - CVE-2019-20044: Fixed a vulnerability where shell privileges would not be properly dropped when unsetting the PRIVILEG...

7.8CVSS7.8AI score0.0198EPSS
Exploits0References5
Github Security Blog
Github Security Blog
added 2022/02/09 10:37 p.m.44 views

Improper privilege handling in Apache Accumulo

Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain administrative operations. Specifically, the return values of the 'canFlush' and...

8.1CVSS7.8AI score0.03655EPSS
Exploits0References8Affected Software1
CNNVD
CNNVD
added 2021/11/16 12:0 a.m.7 views

Microsoft Windows Update Assistant 权限许可和访问控制问题漏洞

Microsoft Windows Update Assistant, a system update tool from Microsoft Corporation, contains an elevation of privilege vulnerability that stems from a lack of filtering and restriction on privilege handling, which could be exploited by an attacker to The vulnerability is caused by a lack of...

7.1CVSS5.7AI score0.00743EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/10/13 12:0 a.m.12 views

The vulnerability of Visual Studio Code’s source editor lies in its insecure handling of privileges, allowing attackers to elevate their privileges.

The vulnerability of Visual Studio Code’s source editor is related to the insecure management of privileges. Exploiting this vulnerability could allow an attacker to enhance their privileges...

7.8CVSS7.2AI score0.00491EPSS
Exploits0References2
CNNVD
CNNVD
added 2021/10/07 12:0 a.m.7 views

Johnson Controls exacqVision Web Service 安全漏洞

Johnson Controls exacqVision Web Service is a Johnson Controls, Inc. program that supports viewing live video, searching and playing video using a Web browser. A security vulnerability exists in Johnson Controls exacqVision Web Service that stems from the software not properly assigning, modifyin...

9.8CVSS8.3AI score0.01504EPSS
Exploits0References6
CNNVD
CNNVD
added 2021/09/23 12:0 a.m.19 views

PHP 路径遍历漏洞

PHP is a scripting language that executes on the server side. A security vulnerability exists in PHP that arises from a lack of effective privilege-granting and access-control measures in a networked system or product...

6.5CVSS7.1AI score0.01337EPSS
Exploits0References7
OSV
OSV
added 2021/05/25 5:15 p.m.5 views

CVE-2020-10072

Improper Handling of Insufficient Permissions or Privileges in zephyr. Zephyr versions = v1.14.2, = v2.2.0 contain Improper Handling of Insufficient Permissions or Privileges CWE-280. For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-vf79-hqwm-w4xc...

5.3CVSS5.5AI score0.00201EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/03/30 12:0 a.m.8 views

The vulnerability of the Windows operating system, related to insecure management of privileges, allows a perpetrator to elevate their privileges.

The vulnerability of the Win32k component of the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.1AI score0.12233EPSS
Exploits1References4
OSV
OSV
added 2021/02/23 8:32 a.m.6 views

SUSE-SU-2021:0551-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh bsc1180827 - Update avahi-daemon-check-dns.sh from Debian. Our previous version relied on ifconfig, route, and init.d. - Add sudo to requires: used to drop privileges...

7.8CVSS7.6AI score0.00395EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2021/02/23 12:0 a.m.5 views

The vulnerability of the Spring Framework software platform, related to insecure management of privileges, allows attackers to compromise the confidentiality and integrity of protected information.

The vulnerability of the Spring Framework software platform is related to insecure management of privileges. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality and integrity of the protected information...

8.7CVSS7AI score0.10736EPSS
Exploits1References21Affected Software7
OSV
OSV
added 2020/12/27 2:15 a.m.3 views

CVE-2020-8290

Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in bztransmit helper due to lack of permission handling and validation before creation of client update directories allowing for local escalation of privilege via rogue client update binary...

7.8CVSS7.1AI score0.00582EPSS
Exploits2References3
BDU FSTEC
BDU FSTEC
added 2020/11/26 12:0 a.m.6 views

The vulnerability of the Print Configuration configuration implementation in Windows operating systems allows attackers to exploit their privileges.

The vulnerability of the Print Configuration configuration on Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.2AI score0.00975EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2020/11/24 12:0 a.m.7 views

The vulnerability of the Port Class Library in the Windows operating system allows attackers to enhance their privileges.

The vulnerability of the Port Class Library in the Windows operating system is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.1AI score0.01026EPSS
Exploits0References3
Rows per page
Query Builder