Lucene search
K

1224 matches found

Vulnrichment
Vulnrichment
added 2022/12/09 2:8 p.m.14 views

CVE-2022-4264 Incorrect privilege assignment in M-Files Web Server

Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...

6.5CVSS6.9AI score0.00516EPSS
Exploits0References3
CVE
CVE
added 2022/12/09 2:8 p.m.72 views

CVE-2022-4264

The CVE-2022-4264 issue affects M-Files Web (Classic) prior to 22.8.11691.0. Root cause: incorrect privilege assignment that lets a low‑privilege user change certain configurations. Impact: configuration changes by an unauthorized user; no evidence of broader compromise provided in the documents....

6.5CVSS5.1AI score0.00516EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/12/02 1:15 p.m.5 views

CVE-2022-4270

Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally...

2.6CVSS5.8AI score0.00514EPSS
Exploits0References3
NVD
NVD
added 2022/12/02 1:15 p.m.19 views

CVE-2022-4270

Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally...

2.6CVSS0.00514EPSS
Exploits0References3
CVE
CVE
added 2022/12/02 12:20 p.m.62 views

CVE-2022-4270

CVE-2022-4270 describes an Incorrect privilege assignment issue in M-Files Web. Affected: M-Files Web versions prior to 22.5.11436.1 (including Web Classic and Web Next). Root cause: a misconfiguration could cause permissions to be changed accidentally when handling ACLs, potentially impacting ac...

2.6CVSS3.8AI score0.00514EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2022/12/02 12:20 p.m.23 views

CVE-2022-4270 Incorrect privilege assignment in M-Files Web Server

Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally...

2CVSS4.3AI score0.00514EPSS
Exploits0References3
NVD
NVD
added 2022/11/30 3:15 p.m.26 views

CVE-2022-1606

Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...

4.3CVSS0.00454EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/11/30 2:5 p.m.26 views

CVE-2022-1606 Incorrect privilege assignment in M-Files Server

Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...

2.4CVSS4.9AI score0.00454EPSS
Exploits0References3
CVE
CVE
added 2022/11/30 2:5 p.m.58 views

CVE-2022-1606

M-Files Server is affected by CVE-2022-1606 due to incorrect privilege assignment that allows a user to read unmanaged objects. Affected versions are pre-22.3.11164.0 and pre-22.3.11237.1. The vulnerability stems from privilege handling in the server, enabling unintended access to objects not pro...

4.3CVSS4AI score0.00454EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2022/11/30 12:0 a.m.4 views

M-Files Server 安全漏洞

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 22.3.11164.0, 22.3.11237.1 and prior to 22.3.11237.1, which stems from incorrect privilege assignment. An attacker could exploit the vulnerability to read...

4.3CVSS5.2AI score0.00454EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2022/11/30 12:0 a.m.24 views

PT-2022-14002

Name of the Vulnerable Software and Affected Versions M-Files Server versions prior to 22.3.11164.0 M-Files Server versions prior to 22.3.11237.1 Description The issue is related to incorrect privilege assignment, allowing a user to read unmanaged objects. Recommendations For versions prior to...

4.3CVSS5AI score0.00454EPSS
Exploits0References6
CNVD
CNVD
added 2022/11/05 12:0 a.m.28 views

IBM Robotic Process Automation Licensing Issue Vulnerability (CNVD-2022-77512)

IBM Robotic Process Automation is a robotic process automation product from International Business Machines IBM, Inc. It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. IBM Robotic Process Automation versions 21.0.1, 21.0.2, 21.0.3, 21.0.4, a...

7.5CVSS2.5AI score0.0046EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/11/03 12:0 a.m.25 views

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2683)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.9AI score0.02593EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2022/11/02 12:0 a.m.42 views

EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-2683)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request...

7.5CVSS7.3AI score0.02593EPSS
Exploits7References14
Tenable Nessus
Tenable Nessus
added 2022/11/02 12:0 a.m.32 views

EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-2651)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request...

7.5CVSS7.3AI score0.02593EPSS
Exploits7References14
Tenable Nessus
Tenable Nessus
added 2022/10/21 12:0 a.m.31 views

Amazon Linux 2 : golang-googlecode-net (ALAS-2022-1861)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1861 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

9.3CVSS7.2AI score0.05416EPSS
Exploits7References32
Tenable Nessus
Tenable Nessus
added 2022/10/21 12:0 a.m.48 views

Amazon Linux 2 : golang-github-gorilla-context (ALAS-2022-1859)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1859 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

9.3CVSS7.2AI score0.05416EPSS
Exploits7References32
Tenable Nessus
Tenable Nessus
added 2022/10/21 12:0 a.m.39 views

Amazon Linux 2 : golang-github-gorilla-mux (ALAS-2022-1860)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1860 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

9.3CVSS7.2AI score0.05416EPSS
Exploits7References32
Tenable Nessus
Tenable Nessus
added 2022/10/21 12:0 a.m.39 views

Amazon Linux 2 : golang-github-godbus-dbus (ALAS-2022-1858)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1858 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

9.3CVSS7.2AI score0.05416EPSS
Exploits7References32
Tenable Nessus
Tenable Nessus
added 2022/10/21 12:0 a.m.38 views

Amazon Linux 2 : golang-github-syndtr-gocapability (ALAS-2022-1865)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1865 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...

9.3CVSS7.2AI score0.05416EPSS
Exploits7References32
Rows per page
Query Builder