168 matches found
CVE-2023-22428
Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to vEL8.60.2347 MR6, vEL8.50 prior to vEL8.50.2831MR8, vEL8.40 a...
Input validation
Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to vEL8.60.2347 MR6, vEL8.50 prior to vEL8.50.2831MR8, vEL8.40 a...
CVE-2023-25074 Competency access levels not enforced in the server
Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 MR1, vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to...
CVE-2023-25074 Competency access levels not enforced in the server
Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 MR1, vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to...
CVE-2023-25074
CVE-2023-25074 affects Gallagher Command Centre Server. The issue is improper privilege validation that allows authenticated, unprivileged operators to modify and view Competencies. Affected versions (Command Centre) include vEL8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2)...
CVE-2023-22428
Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to vEL8.60.2347 MR6, vEL8.50 prior to vEL8.50.2831MR8, vEL8.40 a...
CVE-2023-22428
CVE-2023-22428 describes an improper privilege validation in Gallagher Command Centre Server that allows authenticated operators to modify Division lineage. Affected Command Centre versions include vEL8.80 (before 8.80.1192 MR2), vEL8.70 (before 8.70.2185 MR4), vEL8.60 (before 8.60.2347 MR6), vEL...
CVE-2023-22428
Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to vEL8.60.2347 MR6, vEL8.50 prior to vEL8.50.2831MR8, vEL8.40 a...
PT-2023-18491 · Unknown · Command Centre
Name of the Vulnerable Software and Affected Versions: Command Centre versions vEL8.40 and prior Command Centre versions vEL8.50 prior to vEL8.50.2831 MR8 Command Centre versions vEL8.60 prior to vEL8.60.2347 MR6 Command Centre versions vEL8.70 prior to vEL8.70.2185 MR4 Command Centre versions...
PT-2023-19915 · Unknown · Command Centre
Name of the Vulnerable Software and Affected Versions: Command Centre versions vEL8.40 and prior Command Centre versions vEL8.50 prior to vEL8.50.2831 MR8 Command Centre versions vEL8.60 prior to vEL8.60.2347 MR6 Command Centre versions vEL8.70 prior to vEL8.70.2185 MR4 Command Centre versions...
Gallagher Command Centre Server 安全漏洞
Gallagher Command Center Server is a management system from Gallagher New Zealand for monitoring and managing infrastructure in buildings. A security vulnerability exists in Gallagher Command Centre Server versions v8.80 through v8.80.1192 MR2, v8.70 through v8.70.2185 MR4, v8.60 through v8.60.23...
Artifex Software Ghostscript 安全漏洞
Artifex Software Ghostscript is an open source parser for Postscript a page description language and programming language used in the electronics industry and desktop publishing from Artifex Software, Inc. The product can display Postscript files as well as print Postscript files on non-Postscrip...
Ubuntu: Security Advisory (USN-6146-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Kiwi TCMS 安全漏洞
Kiwi TCMS is a leading open source test management system for manual and automated testing from Kiwi TCMS Open Source. A security vulnerability exists in versions of Kiwi TCMS prior to 12.2, which originated from allowing users to change their email per-addresses via the My profile page without...
Bhima 安全漏洞
BHIMA is a free, open source accounting and hospital information management system HIMS open source from IMAWorldHealth.org in Congo. A security vulnerability exists in Bhima version 1.27.0 that stems from not properly validating a user's privileges for certain actions that the user can perform...
WordPress plugin Gallery Blocks with Lightbox 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers.WordPress plugin is an...
XWiki Platform 安全漏洞
XWiki Platform is a suite of Wiki platforms for creating Web collaboration applications from the French company XWiki. A security vulnerability exists in XWiki Platform that stems from insufficient privilege validation...
CVE-2022-27677
Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user...
Design/Logic Flaw
Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the lower privileged user...
AMD Ryzen 安全漏洞
AMD Ryzen is a central processing unit CPU from Ultraviolet Semiconductor AMD. AMD Ryzen Master suffers from a security vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to modify files in a way that could lead to elevation of privilege and cod...