Microsoft Windows Ancillary Function Driver for WinSock 权限许可和访问控制问题漏洞

Microsoft Windows Ancillary Function Driver for WinSock is a helper function driver for Winsock from Microsoft Corporation USA. A vulnerability exists in Microsoft Windows Ancillary Function Driver for WinSock due to privilege-granting and access control issues. The following products and edition...

The vulnerability of the Modbus protocol implementation in microprogrammed software for programmable logic controllers like Modicon Quantum allows a intruder to trigger malfunctions in the equipment or unauthorized changes to its configuration.

The vulnerability of the Modbus protocol implementation in microprogrammed logic controllers like Modicon Quantum is related to errors in privilege management. Exploiting this vulnerability could allow an attacker to cause service failures or unauthorized changes to the PLC’s configuration...

Apple macOS 权限许可和访问控制问题漏洞

Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A vulnerability exists in Apple macOS Monterey prior to version 12.0.1 with privilege permission and access control issues that could allow a malicious application to bypass...

Sapphire IMS 权限许可和访问控制问题漏洞

Tecknodreams SapphireIMS is an ITIL 2011 certified Enterprise Service Management System from Tecknodreams India. Sapphire IMS 5.0 suffers from a Privilege Permission and Access Control Issues vulnerability that stems from the fact that in SapphireIMS 5.0, local administrators can be created on an...

HMI3 Control Panel 信任管理问题漏洞

Swisslog Healthcare Nexus Panel is a medical device from Swisslog Healthcare.A security vulnerability exists in the HMI3 Control Panel, which stems from an insecure privilege issue in the HMI3 Control Panel of the Swisslog Healthcare Nexus. No details of the vulnerability are currently available...

Apple macOS Big Sur 权限许可和访问控制问题漏洞

Apple macOS Big Sur is a mobile application app from Apple USA. Apple macOS Big Sur 11.5 suffers from a Permission Permission and Access Control Issue vulnerability that stems from an incorrect security restriction in Sandbox. The vulnerability allows a native application to bypass pre-existing...

SolarWinds DameWare Mini Remote Control 权限许可和访问控制问题漏洞

Solarwinds SolarWinds DameWare Mini Remote Control is a remote control software and desktop sharing tool from SolarWinds USA. A privilege permission and access control issue vulnerability exists in SolarWinds DameWare Mini Remote Control Server, which stems from insecure file permissions that all...

IBM Security Access Manager 输入验证错误漏洞

IBM Security Access Manager is a product for information security management applications from IBM, USA. The product enables access management control through integrated devices for web, mobile and cloud computing. IBM Security Access Manager Docker is vulnerable to a privilege permission and...

Joomla 权限许可和访问控制问题漏洞

Joomla is an open source, cross-platform content management system CMS developed using PHP and MySQL by the U.S. Open Source Matters team. A vulnerability exists in Joomla! Core 1.5.15 and prior versions 1.5.x in regards to privilege permission and access control issues. The vulnerability arises...

SAP Process Integration 资源管理错误漏洞

SAP Process Integration is a middleware provided by SAP Germany that enables SAP to seamlessly integrate with non-SAP applications in the company or with systems external to the company. A privilege permission and access control issue vulnerability exists in SAP Process Integration versions 7.10,...

Centreon Web 安全漏洞

Centreon Web is a set of open source system monitoring tools from the French company Centreon . The product mainly provides monitoring functions on the network , system and application resources . An upload bypass vulnerability exists in Centreon Web versions 19.10.18, 20.04.8, and 20.10.2, which...

CVE-2021-24197

The wpDataTables – Tables & Table Charts premium WordPress plugin before 3.4.2 has Improper Access Control. A low privilege authenticated user that visits the page where the table is published can tamper the parameters to access the data of another user that are present in the same table by takin...

OTRS AG OTRSCIsInCustomerFrontend 权限许可和访问控制问题漏洞

OTRS AG OTRSCIsInCustomerFrontend is a management system from OTRS USA. It provides modern, flexible ticket and process management services. A security vulnerability exists in OTRSCIsInCustomerFrontend that originates from viewing linked configuration items, which are defined in a common director...

OTRS AG OTRSCIsInCustomerFrontend 权限许可和访问控制问题漏洞

OTRS AG OTRSCIsInCustomerFrontend is a management system from OTRS USA. It provides modern, flexible ticket and process management services. A privilege permission and access control issue vulnerability exists in OTRS AG OTRSCIsInCustomerFrontend, which stems from an agent being able to view and...

Oracle Hospitality Reporting and Analytics Installation Privilege Permission and Access Control Issues Vulnerability

Oracle Hospitality Reporting and Analytics is a suite of restaurant sales management solutions from Oracle. A privilege permission and access control issue vulnerability exists in Oracle Hospitality Reporting and Analytics Installation version 9.1.0, which allows a low-privileged attacker to log ...

EulerOS 2.0 SP2 : ipmitool (EulerOS-SA-2020-1649)

According to the version of the ipmitool package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may...

ABB Ability System 800xA Privilege License and Access Control Issues Vulnerability

ABB Ability System 800xA is a distributed control system from ABB Switzerland for the industrial control industry. A privilege permission and access control issue vulnerability exists in ABB System 800xA all versions, which can be exploited by a local attacker to inject data and affect the view o...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 3.11 openshift-enterprise-apb-base-container security update

An update for openshift-enterprise-apb-base-container is now available for Red Hat OpenShift Container Platform 3.11. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

ZTE E8820V3 Privilege and Access Control Vulnerability

The ZTE E8820V3 is a Gigabit Dual Band 1200M with WiFi Smart Router. A privilege and access control vulnerability exists in ZTE E8820V3 V3.1.0.1000.4 and earlier versions. An attacker can exploit this vulnerability to tamper with DDNS parameters and conduct denial of service attacks via a specifi...

Cisco Unified Customer Voice Portal Privilege Permission and Access Control Issues Vulnerability

Cisco Unified Customer Voice Portal CVP is a solution that provides automated Internet Protocol IP-based customer self-service and call routing as a stand-alone Interactive Voice Response IVR system or integrated with a contact center. Operations, Administration, Maintenance and Provisioning OAMP...