1224 matches found
CVE-2022-4264 Incorrect privilege assignment in M-Files Web Server
Incorrect Privilege Assignment in M-Files Web Classic in M-Files before 22.8.11691.0 allows low privilege user to change some configuration...
CVE-2022-4264
The CVE-2022-4264 issue affects M-Files Web (Classic) prior to 22.8.11691.0. Root cause: incorrect privilege assignment that lets a low‑privilege user change certain configurations. Impact: configuration changes by an unauthorized user; no evidence of broader compromise provided in the documents....
CVE-2022-4270
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally...
CVE-2022-4270
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally...
CVE-2022-4270
CVE-2022-4270 describes an Incorrect privilege assignment issue in M-Files Web. Affected: M-Files Web versions prior to 22.5.11436.1 (including Web Classic and Web Next). Root cause: a misconfiguration could cause permissions to be changed accidentally when handling ACLs, potentially impacting ac...
CVE-2022-4270 Incorrect privilege assignment in M-Files Web Server
Incorrect privilege assignment issue in M-Files Web in M-Files Web versions before 22.5.11436.1 could have changed permissions accidentally...
CVE-2022-1606
Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...
CVE-2022-1606 Incorrect privilege assignment in M-Files Server
Incorrect privilege assignment in M-Files Server versions before 22.3.11164.0 and before 22.3.11237.1 allows user to read unmanaged objects...
CVE-2022-1606
M-Files Server is affected by CVE-2022-1606 due to incorrect privilege assignment that allows a user to read unmanaged objects. Affected versions are pre-22.3.11164.0 and pre-22.3.11237.1. The vulnerability stems from privilege handling in the server, enabling unintended access to objects not pro...
M-Files Server 安全漏洞
M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in M-Files Server versions prior to 22.3.11164.0, 22.3.11237.1 and prior to 22.3.11237.1, which stems from incorrect privilege assignment. An attacker could exploit the vulnerability to read...
PT-2022-14002
Name of the Vulnerable Software and Affected Versions M-Files Server versions prior to 22.3.11164.0 M-Files Server versions prior to 22.3.11237.1 Description The issue is related to incorrect privilege assignment, allowing a user to read unmanaged objects. Recommendations For versions prior to...
IBM Robotic Process Automation Licensing Issue Vulnerability (CNVD-2022-77512)
IBM Robotic Process Automation is a robotic process automation product from International Business Machines IBM, Inc. It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. IBM Robotic Process Automation versions 21.0.1, 21.0.2, 21.0.3, 21.0.4, a...
Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2022-2683)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-2683)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request...
EulerOS 2.0 SP10 : golang (EulerOS-SA-2022-2651)
According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 client in net/http before Go 1.17.12 and Go 1.18.4 allows HTTP request...
Amazon Linux 2 : golang-googlecode-net (ALAS-2022-1861)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1861 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...
Amazon Linux 2 : golang-github-gorilla-context (ALAS-2022-1859)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1859 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...
Amazon Linux 2 : golang-github-gorilla-mux (ALAS-2022-1860)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1860 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...
Amazon Linux 2 : golang-github-godbus-dbus (ALAS-2022-1858)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1858 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...
Amazon Linux 2 : golang-github-syndtr-gocapability (ALAS-2022-1865)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1865 advisory. 2023-05-11: CVE-2022-1996 has changed status to NOT AFFECTED for this package and has been removed from this advisory. A flaw was found in golang. The HTTP/1 client accepted invalid...