CVE-2024-47748

...

The vulnerability of HashiCorp’s Vault and Vault Enterprise storage platforms, which involve improper privilege assignment, allows attackers to escalate their privileges.

The vulnerability of the HashiCorp Vault and Vault Enterprise archiving platforms for corporate information lies in improper privilege assignment. Exploiting this vulnerability can allow a malicious actor, operating remotely, to enhance their privileges...

The vulnerability of the web server of the microprogramming software for communication modules of SIMATIC CP, TIM 1531 IRC, allows a perpetrator to cause service failures.

The vulnerability of the web server of the microprogramming software for communication modules of SIMATIC CP, TIM 1531 IRC, is related to errors in pointer assignment. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...

CVE-2024-20484

A vulnerability in the External Agent Assignment Service EAAS feature of Cisco Enterprise Chat and Email ECE could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation of Media Routing...

CVE-2024-20484

CVE-2024-20484 affects Cisco Enterprise Chat and Email (ECE) External Agent Assignment Service (EAAS). The root cause is insufficient validation of MR PIM traffic, allowing an unauthenticated remote attacker to trigger a MR PIM connection failure between ECE and Cisco Unified Contact Center Enter...

SUSE CVE-2024-49940

In the Linux kernel, the following vulnerability has been resolved: l2tp: prevent possible tunnel refcount underflow When a session is created, it sets a backpointer to its tunnel. When the session refcount drops to 0, l2tpsessionfree drops the tunnel refcount if session-tunnel is non-NULL...

Citrix Virtual Desktop - Printers cannot be created if one of printer server is offline

There are 2 printer servers, each with 6 printers. Apply the printers with Citrix policy "Printer Assignment". If one printer server is offline, other online printers cannot be created in the ICA session desktop...

CVE-2024-50506

CVE-2024-50506 affects WordPress Marketing Automation by AZEXO plugin (versions

PT-2024-34281 · Unknown · Matt Whiteman Bulk Change Role

Name of the Vulnerable Software and Affected Versions: Matt Whiteman Bulk Change Role versions n/a through 1.1 Description: The issue is related to an Incorrect Privilege Assignment vulnerability that allows Privilege Escalation in Matt Whiteman Bulk Change Role. Recommendations: For Matt Whitema...

WordPress plugin Marketing Automation by AZEXO 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

PT-2024-34282 · Azexo · Marketing Automation

Name of the Vulnerable Software and Affected Versions: Marketing Automation by AZEXO versions 1.27.80 and earlier Description: The issue is related to an Incorrect Privilege Assignment, which allows Privilege Escalation. Recommendations: For versions 1.27.80 and earlier, at the moment, there is n...

WordPress plugin Bulk Change Role 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

CVE-2024-50550

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through 6.5.1...

CVE-2024-50550 WordPress LiteSpeed Cache plugin <= 6.5.1 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Privilege Escalation.This issue affects LiteSpeed Cache: from n/a through = 6.5.1...

CVE-2024-50485

Incorrect Privilege Assignment vulnerability in Udit Rawat Exam Matrix exam-matrix allows Privilege Escalation.This issue affects Exam Matrix: from n/a through = 1.5...

CVE-2024-50481

Incorrect Privilege Assignment vulnerability in stackthemes Bstone Demo Importer bstone-demo-importer allows Privilege Escalation.This issue affects Bstone Demo Importer: from n/a through = 1.0.1...

PT-2024-34258 · Unknown · Bstone Demo Importer

Name of the Vulnerable Software and Affected Versions: Bstone Demo Importer versions 1.0.1 and earlier Description: The issue is related to an Incorrect Privilege Assignment vulnerability, which allows for Privilege Escalation. Recommendations: For Bstone Demo Importer versions 1.0.1 and earlier,...

CVE-2022-30356

OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST request to /user/assignuserrole via the userid and role parameters . Authentication is required with OEADMIN role privilege...

CVE-2022-30356

OvalEdge 5.2.8.0 and earlier is affected by a Privilege Escalation vulnerability via a POST request to /user/assignuserrole via the userid and role parameters . Authentication is required with OEADMIN role privilege...

OvalEdge 安全漏洞

OvalEdge is a solution from US-based OvalEdge that helps users create, manage and use data from a variety of sources through AI and human intelligence. A security vulnerability exists in OvalEdge version 5.2.8.0 and earlier, which stems from a POST request to /user/assignuserrole via the userid a...