3966 matches found
CVE-2022-34737
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...
CVE-2022-34737
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...
Security feature bypass
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...
Oracle Linux 8 : go-toolset:ol8addon (ELSA-2022-17956)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-17956 advisory. go-toolset 1.18.3-1 - Update to golang 1.18.3 golang 1.18.3-1.0.1 - Rebase to 1.18.3 by adding upstream patches to the 1.18.0 openssl-fips - Modify...
CVE-2022-34737
CVE-2022-34737 affects Huawei HarmonyOS 2.0's application security module, with a vulnerability in permission assignment. The root cause is an incorrect privilege assignment in the module, which could allow an attacker to compromise data integrity and confidentiality. Connected sources (Red Hat, ...
CVE-2022-34737
The application security module has a vulnerability in permission assignment. Successful exploitation of this vulnerability may affect data integrity and confidentiality...
Distribution of reserved tokens may run out of gas
Lines of code Vulnerability details Impact If there are enough entries in the splits array, the function that distributes the reserved tokens will run out of gas, and the reserved tokens will be un-distributable until the current cycle is over, and the splits are changed. If cycles are long, the...
The splits configuration will become frozen once enough splits are added
Lines of code Vulnerability details Impact If there are enough entries in the splits array, the checks done to ensure existing locks are respected will cause attempts to change the split to revert, preventing the existing split assignment from changing. If the project has a lock with a long...
HUAWEI HarmonyOS security module authorization issue vulnerability
HUAWEI HarmonyOS is an operating system from Huawei, China HUAWEI. HUAWEI HarmonyOS version 2.0 contains an authorization issue vulnerability that stems from an incorrect privilege assignment in the application security module, which could be exploited by an attacker to cause the device to...
The vulnerability of the Android EMUI operating system and the HarmonyOS operating system, related to pointer assignment errors, allows attackers to trigger service interruptions.
The vulnerability of the Android EMUI operating system and the HarmonyOS operating system is related to pointer assignment errors. Exploiting this vulnerability can allow attackers to cause service failures...
HUAWEI HarmonyOS 安全漏洞
HUAWEI HarmonyOS is an operating system from Huawei, China HUAWEI. HUAWEI HarmonyOS version 2.0 contains an authorization issue vulnerability that stems from an incorrect privilege assignment in the application security module, which could be exploited by an attacker to cause the device to...
CVE-2022-2282
DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...
CVE-2022-2282
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: This CVE has been rejected as it was incorrectly assigned. All references and descriptions in this candidate have been removed to prevent accidental usage...
Oracle Linux 8 : go-toolset:ol8 (ELSA-2022-5337)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-5337 advisory. delve 1.7.2-1.0.1 - Disable DWARF compression which has issues Alex Burmashev 1.7.2-1 - Rebase to 1.7.2 - Related: rhbz2014088 golang 1.17.10-1 - Rebas...
Design/Logic Flaw
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none...
Parallels Desktop Updater Incorrect Permission Assignment Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update...
The vulnerability in the web interface of the Cisco Identity Services Engine (ISE) management platform allows a perpetrator to disclose protected information.
The vulnerability in the web interface of the Cisco Identity Services Engine ISE management platform is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to disclose protected information...
The vulnerability of the authentication mechanism for software administrators of the ImageCast X device for marking ballots allows a perpetrator to escalate their privileges.
The vulnerability of the authentication mechanism for software administrators of the ImageCast X labeling device is related to privilege assignment errors. Exploiting this vulnerability can allow attackers to enhance their privileges...
ABB REX640 Incorrect Permission Assignment for Critical Resource (CVE-2022-1596)
Incorrect Permission Assignment for Critical Resource vulnerability in ABB REX640 PCL1, REX640 PCL2, REX640 PCL3 allows an authenticated attacker to launch an attack against the user database file and try to take control of an affected system node. - Incorrect Permission Assignment for Critical...
CVE-2022-1746 2.2.8 INCORRECT PRIVILEGE ASSIGNMENT CWE-266
The authentication mechanism used by poll workers to administer voting using the tested version of Dominion Voting Systems ImageCast X can expose cryptographic secrets used to protect election information. An attacker could leverage this vulnerability to gain access to sensitive information and...