Lucene search
K

81 matches found

OSV
OSV
added 2021/02/23 12:5 p.m.6 views

SUSE-SU-2021:0563-1 Security update for avahi

This update for avahi fixes the following issues: - CVE-2021-26720: drop privileges when invoking avahi-daemon-check-dns.sh bsc1180827 - Add sudo to requires: used to drop privileges...

7.8CVSS7.5AI score0.00395EPSS
Exploits0References3
OSV
OSV
added 2021/02/22 12:55 p.m.7 views

SUSE-SU-2021:0545-1 Security update for postgresql13

This update for postgresql13 fixes the following issues: Upgrade to version 13.2: - Updating stored views and reindexing might be needed after applying this update. - CVE-2021-3393, bsc1182040: Fix information leakage in constraint-violation error messages. - CVE-2021-20229, bsc1182039: Fix failu...

4.3CVSS5.5AI score0.01466EPSS
Exploits2References5
RedHat Linux
RedHat Linux
added 2021/02/16 8:47 a.m.5 views

net-snmp: Improper Privilege Management in EXTEND MIB may lead to privileged commands execution

A flaw was found in Net-SNMP through version 5.73, where an Improper Privilege Management issue occurs due to SNMP WRITE access to the EXTEND MIB allows running arbitrary commands as root. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability...

7.8CVSS6.9AI score0.00382EPSS
Exploits0References4
CNVD
CNVD
added 2020/11/05 12:0 a.m.1 views

Apple macOS Catalina Privilege Permission and Access Control Issues Vulnerability

Apple macOS Catalina is a specialized operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Catalina versions prior to 10.15, which stems from a malicious application that may be able to access restricted files. No details of the vulnerability...

6.3CVSS6.5AI score0.0075EPSS
Exploits0References1
CNVD
CNVD
added 2020/09/22 12:0 a.m.1 views

Android Privilege Permission and Access Control Issues Vulnerability

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A vulnerability exists in the Android-11 version with privilege permission and access control issues. An attacker can exploit the vulnerability to cause local information about wireless data to b...

5.5CVSS6.4AI score0.00132EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/04/06 12:0 a.m.6 views

The vulnerability of the pg_ctlcluster script in the postgresql-common package involves insecure privilege management. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the pgctlcluster script in the postgresql-common package is related to an access rights rollback error during the creation of temporary directories for sockets/stats. Exploiting this vulnerability allows an attacker to gain access to confidential data, compromise its integrit...

7.8CVSS7.2AI score0.00499EPSS
Exploits1References13Affected Software5
CNVD
CNVD
added 2020/04/02 12:0 a.m.3 views

McAfee Endpoint Security Privilege Permission and Access Control Issues Vulnerability

McAfee Endpoint Security ENS is the United States McAfee McAfee company's set of framework for providing intelligent collaboration and advanced threat defense. The framework supports the entire threat defense lifecycle of real-time communications control and actionable threat forensics and so on....

6.7CVSS7AI score0.00168EPSS
Exploits0References1
CNVD
CNVD
added 2020/02/14 12:0 a.m.2 views

Bitdefender Antivirus for Mac Permission License and Access Control Issues Vulnerability (CNVD-2020-52440)

SOFTWIN BitDefender Antivirus is a suite of antivirus programs from the Romanian company SOFTWIN. A vulnerability exists in BDLDaemon in versions prior to Bitdefender Antivirus for Mac 8.0.0 with privilege permission and access control issues. The vulnerability stems from a lack of effective...

5.5CVSS6.8AI score0.00264EPSS
Exploits0References1
CNVD
CNVD
added 2019/12/18 12:0 a.m.3 views

Linux Administrative Tools for Intel Network Adapters Privilege Permission and Access Control Issues Vulnerability

Linux Administrative Tools for Intel Network Adapters is a Linux-based administrative tool for Intel network adapters from Intel. A vulnerability exists in Linux Administrative Tools for Intel Network Adapters prior to version 24.3 for privilege permission and access control issues. The...

7.8CVSS6.9AI score0.00372EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/28 12:0 a.m.3 views

Google Chrome Permissions License and Access Control Issues Vulnerability (CNVD-2019-38243)

Google Chrome is a web browser from Google, an American company. A vulnerability exists in Google Chrome prior to version 78.0.3904.70 with privilege permission and access control issues. A remote attacker can exploit this vulnerability to bypass the CSP protection mechanism and perform...

4.3CVSS8.6AI score0.00926EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/27 12:0 a.m.3 views

WordPress advanced-ajax-page-loader plugin permissions permission and access control issues vulnerability

WordPress is the WordPress Foundation's set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. advanced-ajax-page-loader is an AJAX page loading plugin used in it. The WordPress advanced-ajax-page-loader plugin is...

5.3CVSS6.8AI score0.01332EPSS
Exploits0References1
CNVD
CNVD
added 2019/08/16 12:0 a.m.2 views

Zoho ManageEngine OpManager Permission License and Access Control Issues Vulnerability

Zoho ManageEngine OpManager is a suite of network, server and virtualization monitoring software from Zoho. A vulnerability exists in Zoho ManageEngine OpManager due to privilege permission and access control issues. An attacker could use this vulnerability to execute commands on the server...

9.8CVSS7.3AI score0.25482EPSS
Exploits1References1
CNVD
CNVD
added 2019/06/11 12:0 a.m.1 views

Rancher Labs Rancher Privilege Permission and Access Control Issues Vulnerability (CNVD-2019-43042)

Rancher Labs Rancher is the United States Rancher Labs, Inc. of a set of open source enterprise-class container management platform. A vulnerability exists in Rancher Labs Rancher with privilege permission and access control issues. An attacker can exploit this vulnerability to gain administrator...

8.8CVSS7.1AI score0.01143EPSS
Exploits0References1
CNVD
CNVD
added 2019/05/22 12:0 a.m.6 views

Intel Quartus Software Privilege License and Access Control Issues Vulnerability

Intel Quartus Software is a suite of software for hardware programming from the American company Intel Intel. A vulnerability exists in Intel Quartus Software due to a privilege license and access control issue. The vulnerability arises from a lack of effective privilege permission and access...

7.8CVSS6.8AI score0.00319EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/03 12:0 a.m.4 views

Synology SSL VPN Client Privilege Permission and Access Control Issues Vulnerability

Synology SSL VPN Client is a VPN client software for secure connection to Synology NAS from Synology, Taiwan, China. A vulnerability exists in Synology SSL VPN Client with privilege permission and access control issues. An attacker can exploit this vulnerability to conduct a man-in-the-middle...

8.8CVSS6.8AI score0.01384EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/03 12:0 a.m.4 views

Synology Router Manager Privilege Permission and Access Control Issues Vulnerability

Synology Router Manager SRM is a software for configuring and managing Synology routers from Synology Inc. of Taiwan, China. A vulnerability exists in Synology Router Manager with privilege permission and access control issues. An attacker could exploit this vulnerability to obtain sensitive...

6.5CVSS6.7AI score0.0133EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2018/12/03 12:0 a.m.5 views

PT-2018-2000 · Kubernetes · Minikube

Name of the Vulnerable Software and Affected Versions: minikube versions 0.3.0 through 0.29.0 Description: The issue is related to privilege management errors in the minikube command-line utility. It allows a remote attacker to execute arbitrary code. In certain VM environments where the IP is ea...

9.4CVSS8AI score0.00702EPSS
Exploits1References9
OSV
OSV
added 2015/08/17 9:36 a.m.6 views

SUSE-SU-2015:1511-1 Security update for libgcrypt

This update fixes the following issues: Security: Fixed data-dependent timing variations in modular exponentiation related to CVE-2015-0837, Last-Level Cache Side-Channel Attacks are Practical bsc920057 Bugfixes: don't drop privileges when locking secure memory bsc938343...

5.9CVSS5.9AI score0.01952EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2014/02/21 12:0 a.m.28 views

FreeBSD : PostgreSQL -- multiple privilege issues (42d42090-9a4d-11e3-b029-08002798f6ff)

PostgreSQL Project reports : This update fixes CVE-2014-0060, in which PostgreSQL did not properly enforce the WITH ADMIN OPTION permission for ROLE management. Before this fix, any member of a ROLE was able to grant others access to the same ROLE regardless if the member was given the WITH ADMIN...

6.5CVSS6.8AI score0.06666EPSS
Exploits6References9
RedHat Linux
RedHat Linux
added 2013/02/20 10:45 a.m.6 views

OpenJDK: MBeanServer insufficient privilege restrictions (JMX, 8006446)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 13 and earlier, 6 Update 39 and earlier, and 5.0 Update 39 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX...

10CVSS7.4AI score0.06917EPSS
Exploits0References5
Rows per page
Query Builder