Lucene search
K

168 matches found

NVD
NVD
added 2023/07/24 11:15 p.m.22 views

CVE-2023-22428

Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to vEL8.60.2347 MR6, vEL8.50 prior to vEL8.50.2831MR8, vEL8.40 a...

7.6CVSS7.5AI score0.00303EPSS
Exploits0References1
Prion
Prion
added 2023/07/24 11:15 p.m.12 views

Input validation

Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to vEL8.60.2347 MR6, vEL8.50 prior to vEL8.50.2831MR8, vEL8.40 a...

4CVSS6.4AI score0.00303EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/24 11:5 p.m.29 views

CVE-2023-25074 Competency access levels not enforced in the server

Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 MR1, vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to...

7.1CVSS7.1AI score0.00264EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/07/24 11:5 p.m.13 views

CVE-2023-25074 Competency access levels not enforced in the server

Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 MR1, vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to...

7.1CVSS6.8AI score0.00264EPSS
Exploits0References1
CVE
CVE
added 2023/07/24 11:5 p.m.49 views

CVE-2023-25074

CVE-2023-25074 affects Gallagher Command Centre Server. The issue is improper privilege validation that allows authenticated, unprivileged operators to modify and view Competencies. Affected versions (Command Centre) include vEL8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2)...

7.1CVSS6AI score0.00264EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/07/24 10:44 p.m.13 views

CVE-2023-22428

Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to vEL8.60.2347 MR6, vEL8.50 prior to vEL8.50.2831MR8, vEL8.40 a...

7.6CVSS6.8AI score0.00303EPSS
Exploits0References1
CVE
CVE
added 2023/07/24 10:44 p.m.43 views

CVE-2023-22428

CVE-2023-22428 describes an improper privilege validation in Gallagher Command Centre Server that allows authenticated operators to modify Division lineage. Affected Command Centre versions include vEL8.80 (before 8.80.1192 MR2), vEL8.70 (before 8.70.2185 MR4), vEL8.60 (before 8.60.2347 MR6), vEL...

7.6CVSS6.5AI score0.00303EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/07/24 10:44 p.m.23 views

CVE-2023-22428

Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to vEL8.60.2347 MR6, vEL8.50 prior to vEL8.50.2831MR8, vEL8.40 a...

7.6CVSS7.7AI score0.00303EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/07/24 12:0 a.m.4 views

PT-2023-18491 · Unknown · Command Centre

Name of the Vulnerable Software and Affected Versions: Command Centre versions vEL8.40 and prior Command Centre versions vEL8.50 prior to vEL8.50.2831 MR8 Command Centre versions vEL8.60 prior to vEL8.60.2347 MR6 Command Centre versions vEL8.70 prior to vEL8.70.2185 MR4 Command Centre versions...

7.6CVSS6.4AI score0.00303EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2023/07/24 12:0 a.m.6 views

PT-2023-19915 · Unknown · Command Centre

Name of the Vulnerable Software and Affected Versions: Command Centre versions vEL8.40 and prior Command Centre versions vEL8.50 prior to vEL8.50.2831 MR8 Command Centre versions vEL8.60 prior to vEL8.60.2347 MR6 Command Centre versions vEL8.70 prior to vEL8.70.2185 MR4 Command Centre versions...

7.1CVSS5.4AI score0.00264EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/07/24 12:0 a.m.4 views

Gallagher Command Centre Server 安全漏洞

Gallagher Command Center Server is a management system from Gallagher New Zealand for monitoring and managing infrastructure in buildings. A security vulnerability exists in Gallagher Command Centre Server versions v8.80 through v8.80.1192 MR2, v8.70 through v8.70.2185 MR4, v8.60 through v8.60.23...

7.6CVSS6.5AI score0.00303EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/06/25 12:0 a.m.3 views

Artifex Software Ghostscript 安全漏洞

Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-Postscrip...

7.8CVSS7.8AI score0.03236EPSS
Exploits3References13
OpenVAS
OpenVAS
added 2023/06/09 12:0 a.m.24 views

Ubuntu: Security Advisory (USN-6146-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.18903EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/04/24 12:0 a.m.5 views

Kiwi TCMS 安全漏洞

Kiwi TCMS is a leading open source test management system for manual and automated testing from Kiwi TCMS Open Source. A security vulnerability exists in versions of Kiwi TCMS prior to 12.2, which originated from allowing users to change their email per-addresses via the My profile page without...

4.3CVSS5AI score0.00419EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/04/05 12:0 a.m.4 views

Bhima 安全漏洞

BHIMA is a free, open source accounting and hospital information management system HIMS open source from IMAWorldHealth.org in Congo. A security vulnerability exists in Bhima version 1.27.0 that stems from not properly validating a user's privileges for certain actions that the user can perform...

4.3CVSS5AI score0.00477EPSS
Exploits1References3
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.7 views

WordPress plugin Gallery Blocks with Lightbox 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...

8.1CVSS7.6AI score0.00731EPSS
Exploits2References2
CNNVD
CNNVD
added 2023/03/02 12:0 a.m.8 views

XWiki Platform 安全漏洞

XWiki Platform is a suite of Wiki platforms for creating Web collaboration applications from the French company XWiki. A security vulnerability exists in XWiki Platform that stems from insufficient privilege validation...

9.9CVSS7.9AI score0.01107EPSS
Exploits1References4
NVD
NVD
added 2023/03/01 8:15 a.m.21 views

CVE-2022-27677

Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user...

7.8CVSS8.1AI score0.00224EPSS
Exploits0References1
Prion
Prion
added 2023/03/01 8:15 a.m.18 views

Design/Logic Flaw

Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user...

4.3CVSS7.9AI score0.00224EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/03/01 12:0 a.m.3 views

AMD Ryzen 安全漏洞

AMD Ryzen is a central processing unit CPU from Ultraviolet Semiconductor AMD. AMD Ryzen Master suffers from a security vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to modify files in a way that could lead to elevation of privilege and cod...

7.8CVSS7.6AI score0.00224EPSS
Exploits0References2
Rows per page
Query Builder