KLA89270 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges. 2. An elevatio...
Linux Distros Unpatched Vulnerability : CVE-2016-3744
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the createpbuf function in btif/src/btifhh.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before...
Linux Distros Unpatched Vulnerability : CVE-2016-6211
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The User module in Drupal 7.x before 7.44 allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a...
PT-2024-20280 · Ruijie · Ruijie Rg-Nbs2009G-P Rgos
Name of the Vulnerable Software and Affected Versions: Ruijie RG-NBS2009G-P RGOS version 10.41P2 Release 9736 Description: The issue allows a remote attacker to gain privileges via the login check state component. This is due to an Insecure Permissions vulnerability. A remote attacker can exploit...
CVE-2023-42325
Cross-site scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the statuslogsfilterdynamic.php page...
CVE-2023-42327
Cross-site scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page...
CVE-2023-27846
SQL injection vulnerability found in PrestaShop themevolty v.4.0.8 and before allows a remote attacker to gain privileges via the tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct, tvcmscategoryslider, tvcmspaymenticon, tvcmstestimonial...
CVE-2023-36213
SQL injection vulnerability in MotoCMS v.3.4.3 allows a remote attacker to gain privileges via the keyword parameter of the search function...
CVE-2023-36082
An issue in GatesAir Flexiva FM Transmitter/Exciter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials...
CVE-2023-26864
SQL injection vulnerability found in PrestaShop smplredirectionsmanager v.1.1.19 and before allows a remote attacker to gain privileges via the SmplTools::getMatchingRedirectionsFromParts component...
PT-2022-18506 · Sick · Sick Sim2000St
Name of the Vulnerable Software and Affected Versions: SICK SIM2000ST versions =1.7.0 Description: A password recovery issue allows an unprivileged remote attacker to invoke the password recovery mechanism method, gaining access to the user level defined as RecoverableUserLevel. This results in...
CVE-2021-40579
https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges remote...
CVE-2021-40579
The CVE-2021-40579 entry concerns the PayPal Free Source Code Online Enrollment Management System in PHP (version 1.0) and related components, affected by Incorrect Access Control. The underlying impact is remote privilege gain through improper privilege validation when obtaining PHP and PayPal F...
CVE-2020-18964
Cross-Site Request Forgery (CSRF) vulnerability in ForestBlog latest version via the website management background, which could let a remote malicious user gain privileges...
CVE-2021-29054
Certain Papoo products are affected by: Cross-Site Request Forgery (CSRF) in the admin interface. This affects Papoo CMS Light through 21.02 and Papoo CMS Pro through 6.0.1. The impact is: gain privileges remote...
CVE-2020-18714
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordModel.php's getdata function...
CVE-2020-23448
This CVE concerns the NewBee-Mall application where all versions are affected by an incorrect access control flaw in AdminLoginInterceptor.java that allows bypassing authentication for the /admin area, enabling privilege escalation. The root cause is the bypass of the system’s authentication logi...
CVE-2020-23448
newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the system's background /admin is in code AdminLoginInterceptor, which can be bypassed...
CELSYS CLIP STUDIO PAINT, CLIP STUDIO ACTION and CLIP STUDIO MODELER DLL Search Path Vulnerabilities
CELSYS CLIP STUDIO PAINT, CLIP STUDIO ACTION and CLIP STUDIO MODELER are all products of CELSYS Japan. CELSYS CLIP STUDIO PAINT is a set of tools for making comics and illustrations. CLIP STUDIO ACTION is a set of software for 3D animation. CLIP STUDIO MODELER is a 3D modeling plug-in. A security...
VulnCheck KEV: CVE-2014-9222
AllegroSoft RomPager 4.34 and earlier, as used in Huawei Home Gateway products and other vendors and products, allows remote attackers to gain privileges via a crafted cookie that triggers memory corruption, aka the "Misfortune Cookie" vulnerability...