Lucene search
+L

38 matches found

CNNVD
CNNVD
added 2025/02/12 12:0 a.m.5 views

Intel 800 Series Ethernet Driver 安全漏洞

Intel 800 Series Ethernet Driver is a driver from Intel Corporation USA. A security vulnerability exists in Intel 800 Series Ethernet Driver versions prior to 1.15.4, which arises from the implementation of incorrectly assigned privileges that could allow an authenticated user to disclose...

3.3CVSS5.7AI score0.00233EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/09/23 12:0 a.m.3 views

Acronis Cyber Protect Cloud Agent 安全漏洞

Acronis Cyber Protect Cloud Agent is a cloud agent from Acronis Switzerland. A security vulnerability exists in Acronis Cyber Protect Cloud Agent versions prior to 38565, which stems from an unnecessary privilege assignment that results in the manipulation of local active protection service...

4.7CVSS4.8AI score0.00135EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/09/06 12:0 a.m.6 views

The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to disclose protected information.

The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to disclose protected information...

6.8CVSS5.4AI score0.00477EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2024/08/21 4:3 p.m.48 views

GO-2022-1217 usememos/memos makes Incorrect Use of Privileged APIs in github.com/usememos/memos

usememos/memos makes Incorrect Use of Privileged APIs in github.com/usememos/memos...

8.1CVSS8.1AI score0.00633EPSS
Exploits1References4
OSV
OSV
added 2024/07/22 9:15 p.m.3 views

CVE-2024-6913

Execution with unnecessary privileges in PerkinElmer ProcessPlus allows an attacker to spawn a remote shell on the windows system.This issue affects ProcessPlus: through 1.11.6507.0...

8.8CVSS5.9AI score0.01372EPSS
Exploits2References2
CNNVD
CNNVD
added 2024/05/17 12:0 a.m.3 views

WordPress plugin Local Delivery Drivers for WooCommerce 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the WordPre...

9.8CVSS8.7AI score0.00538EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.28 views

NVIDIA ChatRTX 安全漏洞

NVIDIA ChatRTX is a content personalization chatbot from NVIDIA, USA. A security vulnerability exists in NVIDIA ChatRTX. An attacker exploited the vulnerability to alter the execution process by sending user input, which could lead to mismanagement of privileges issues...

7.5CVSS6.7AI score0.00191EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/15 12:0 a.m.6 views

IBM Security Directory Suite 安全漏洞

IBM Security Directory Suite is a scalable, standards-based identity platform from International Business Machines IBM that simplifies identity and directory management. An information disclosure vulnerability exists in IBM Security Directory Suite VA, which could be exploited by an attacker to...

8.1CVSS5.9AI score0.00502EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2022/07/21 12:0 a.m.8 views

The vulnerability of the SNMP protocol implementation in the microprogramming software for Schneider Electric Modicon M340 programmable logic controllers allows a intruder to trigger a maintenance failure.

The vulnerability of the SNMP protocol implementation in microprogrammed software for Schneider Electric Modicon M340 programmable logic controllers is related to insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to cause service interruptions by sendi...

7.8CVSS7.2AI score0.0057EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2022/02/08 2:15 a.m.15 views

Design/Logic Flaw

NATS nats-server before 2.7.2 has Incorrect Access Control. Any authenticated user can obtain the privileges of the System account by misusing the "dynamically provisioned sandbox accounts" feature...

9CVSS9.2AI score0.01305EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2019/04/25 12:0 a.m.5 views

Vulnerability of the Server component: Security: Privileges of the MySQL database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server component: Security: Privileges of the MySQL database management system is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...

7.8CVSS6.5AI score0.02232EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/02/15 6:0 p.m.17 views

CVE-2019-0255

SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, Kernel 7.73, 7.74, 7.75, fails to validate type of installation for an ABAP Server system correctly. That behavior may lead to situation, where business user achieves access to the full SAP Menu, that is 'Easy Access Menu'. The...

8.2AI score0.01653EPSS
Exploits0References3
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:44 p.m.22 views

Security Bulletin: IBM QRadar SIEM contains unnecessary privilege usage. (CVE-2016-2876)

Summary Multiple processes run by IBM QRadar SIEM use higher than necessary privileges, which can be abused due to other shell command injection vulnerabilities. Vulnerability Details CVE-ID: CVE-2016-2876 Description: IBM QRadar could allow an authenticated user to inject operating system comman...

8.5CVSS1.8AI score0.01565EPSS
Exploits0Affected Software1
RedHat Linux
RedHat Linux
added 2017/12/13 4:48 p.m.4 views

OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.03143EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2017/10/23 7:44 a.m.7 views

OpenJDK: incorrect privilege use when handling unreferenced objects (RMI, 8174966)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u161, 7u151, 8u144 and 9; Java SE Embedded: 8u144. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.03143EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2013/02/13 12:0 a.m.11 views

PT-2013-2078 · Microsoft · .Net Framework

Name of the Vulnerable Software and Affected Versions: Microsoft .NET Framework versions 2.0 SP2 through 4.5 Description: The issue allows remote attackers to execute arbitrary code via a crafted XAML browser application or a crafted .NET Framework application. This is due to the improper...

10CVSS7.1AI score0.29632EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2012/08/01 12:0 a.m.39 views

Scientific Linux Security Update : java-1.6.0-openjdk on SL6.x i386/x86_64

defaultReadObject of the Serialization API could be tricked into setting a volatile field multiple times, which could allow a remote attacker to execute arbitrary code with the privileges of the user running the applet or application. CVE-2010-3569 Race condition in the way objects were...

10CVSS8.2AI score0.87264EPSS
Exploits15References20
CVE
CVE
added 2001/05/24 4:0 a.m.58 views

CVE-2001-0424

Summary: CVE-2001-0424 affects BubbleMon 1.31, where the process does not drop group privileges before executing programs. This results in a local privilege escalation where local users can run arbitrary commands with the kmem group id. Impact (as described in sources): Local users gain complete ...

7.2CVSS7.6AI score0.00389EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder