3945 matches found
CVE-2024-10209 Incorrect Permission Assignment in APROL file system
An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in B&R APROL 4.4-01 may allow an authenticated local attacker to read and alter the configuration of another engineering or runtime user...
CVE-2024-10359
In danny-avila/librechat version v0.7.5-rc2, a vulnerability exists in the preset creation functionality where a user can manipulate the user ID field through mass assignment. This allows an attacker to inject a different user ID into the preset object, causing the preset to appear in the UI of...
Privilege Escalation
camaleoncms is vulnerable to Privilege Escalation. The vulnerability is due to the use of the dangerous permit! method through mass assignment, which allows all parameters to pass through without filtering...
The vulnerability of the __mt76_connac_mcu_alloc_sta_req() function in the drivers/net/wireless/mediatek/mt76/mt76_connac_mcu.c module of the Linux kernel allows a hacker to cause a service failure.
The vulnerability of the mt76connacmcuallocstareq function in the drivers/net/wireless/mediatek/mt76/mt76connacmcu.c module of the Linux kernel is related to the assignment of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the xe_devcoredump_read() function in the drivers/gpu/drm/xe/xe_devcoredump.c kernel module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the xedevcoredumpread function in the drivers/gpu/drm/xe/xedevcoredump.c kernel module of the Linux operating system is related to the assignment of pointers. Exploiting this vulnerability can allow an attacker to cause a service failure...
The vulnerability of the dma_buf_run_device() function in the drivers/gpu/drm/xe/tests/xe_dma_buf.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the dmabufrundevice function in the drivers/gpu/drm/xe/tests/xedmabuf.c file of the Linux kernel is related to the assignment of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
The vulnerability of the dmirror_device_evict_chunk() function in the lib/test_hmm.c module of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the dmirrordeviceevictchunk function in the lib/testhmm.c module of the Linux operating system is related to the assignment of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2024-10359
In danny-avila/librechat version v0.7.5-rc2, a vulnerability exists in the preset creation functionality where a user can manipulate the user ID field through mass assignment. This allows an attacker to inject a different user ID into the preset object, causing the preset to appear in the UI of...
The vulnerability of the tls_ctx_create() function in the net/tls/tls_main.c module of the Linux operating system’s TLS kernel implementation allows a attacker to cause a service failure.
The vulnerability of the tlsctxcreate function in the net/tls/tlsmain.c module of the Linux operating system’s TLS implementation is related to the assignment of pointers. Exploiting this vulnerability could allow an attacker to cause a service failure...
CVE-2024-49561
Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2025-30143
Rule 3000216 before version 2 in Akamai App & API Protector with Akamai ASE before 2024-12-10 does not properly consider JavaScript variable assignment to built-in functions and properties...
Dell SmartFabric OS10 Licensing Issues Vulnerability
Dell SmartFabric OS10 is a Linux-based network switch operating system from Dell Dell. Dell SmartFabric OS10 suffers from an authorization issue vulnerability that stems from improper privilege assignment, which can be exploited by an attacker to cause elevation of privilege...
CVE-2024-49561
Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2024-49561
Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2024-49561
Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2024-49561
Dell SmartFabric OS10 Software, versions 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2024-49561
Dell SmartFabric OS10 vulnerabilities affect versions 10.5.4.x–10.5.6.x and 10.6.0.x. The issue is an Incorrect Privilege Assignment that lets a low-privileged, locally authenticated attacker escalate privileges. Impact is described as HIGH for confidentiality, integrity, and availability. Root c...
CVE-2025-30143
Rule 3000216 before version 2 in Akamai App & API Protector with Akamai ASE before 2024-12-10 does not properly consider JavaScript variable assignment to built-in functions and properties...
Dell SmartFabric OS10 安全漏洞
Dell SmartFabric OS10 is a Linux-based network switch operating system from Dell Dell. Dell SmartFabric OS10 suffers from an authorization issue vulnerability that stems from improper privilege assignment, which can be exploited by an attacker to cause elevation of privilege...
CVE-2025-30143
Rule 3000216 before version 2 in Akamai App & API Protector with Akamai ASE before 2024-12-10 does not properly consider JavaScript variable assignment to built-in functions and properties...