89 matches found
PT-2024-5003 · Dell · Dell Powerscale Onefs
Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 Description: The issue is related to an incorrect privilege assignment, which could be exploited by a high-privileged attacker with local access. This could lead to Denial of service and...
esMind MosP 安全漏洞
esMind MosP is an open source attendance management system from esMind. A security vulnerability exists in esMind MosP kintai kanri 4.6.6 and prior versions, which stems from incorrect privilege assignments and could allow an unauthenticated, remote attacker with privileged access to the product ...
Siemens Spectrum Power 安全漏洞
Spectrum Power 7 provides the essential components of SCADA, communications and data modeling for control and monitoring systems. Application suites can be added to optimize network and generation management in all areas of energy management. Siemens Spectrum Power 7 suffers from a misassigned...
CVE-2023-51433
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause information leak...
CVE-2023-23438
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...
CVE-2023-23429
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...
Honor LGE-AN00 Security Vulnerability
Honor LGE-AN00 is a smartphone from China-based Honor Honor. The Honor LGE-AN00 suffers from a security vulnerability that stems from a misassignment of privileges vulnerability, which can be successfully exploited to cause the device to service abnormality...
PT-2023-18936
Name of the Vulnerable Software and Affected Versions Honor products affected versions not specified Description The issue is related to incorrect privilege assignment, which could lead to device service exceptions if successfully exploited. Recommendations At the moment, there is no information...
IBM Robotic Process Automation 安全漏洞
IBM Robotic Process Automation is a robotic process automation product from International Business Machines IBM. It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. A security vulnerability exists in IBM Robotic Process Automation versions...
Huawei HiLink AI Life 安全漏洞
Huawei HiLink AI Life is a whole-house smart solution from Huawei, a Chinese company. A security vulnerability exists in Huawei HiLink AI Life. The vulnerability stems from a misassignment of privileges in the software, which allows an attacker to access restricted functionality and affects the...
M-Files Web 安全漏洞
M-Files Web is an intelligent information management platform from M-Files USA, Inc. It is used to optimally support users in their daily work. A security vulnerability exists in M-Files Web versions prior to 22.8.11691.0 that stems from incorrect privilege assignment. An attacker exploiting the...
PT-2022-26503
Name of the Vulnerable Software and Affected Versions M-Files versions prior to 22.8.11691.0 Description The issue allows a low privilege user to change some configuration due to incorrect privilege assignment in M-Files Web Classic. Recommendations For versions prior to 22.8.11691.0, update to...
PT-2022-26509
Name of the Vulnerable Software and Affected Versions M-Files Web versions before 22.5.11436.1 Description The issue is related to an incorrect privilege assignment in M-Files Web, which could have resulted in accidental changes to permissions. Recommendations For M-Files Web versions before...
CVE-2022-1606
Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...
CVE-2022-1606
Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...
Amazon Linux 2022 : golist (ALAS2022-2022-192)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-192 advisory. A flaw was found in golang. The HTTP/1 client accepted invalid Transfer-Encoding headers indicating chunked encoding. This issue could allow request smuggling, but only if combined with an...
AZL-35283 CVE-2022-29526 affecting package sriov-network-device-plugin for versions less than 3.7.0-1
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...
AZL-45402 CVE-2022-29526 affecting package delve 1.5.0-16
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...
AZL-43900 CVE-2022-29526 affecting package delve 1.5.0-20
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible...
CVE-2022-1225
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...