Mass Assignment Leading to (Limited) Password Confirmation Bypasses at UsersController

Description Hello there! Hope you are having an amazing day! 🤗 Just found out, while testing one of diaspora\ open servers, that the /user/edit endpoint has a limited case of "mass assignment", which enables an authenticated user to change their password and disable 2FA or change its secret witho...

Cross-site Scripting (XSS) - Stored

Description Stored XSS found due to long name summarize Proof of Concept 1.First, access the latest version of the demo environment. https://www.rosariosis.org/demonstration/index.php 2.Then log in with your teacher account teacher/teacher 3.After logging in, access to add an assignment. 4.Then...

Privilege Escalation

com.liferay.portal is vulnerable to privilege escalation. Remote authenticated attackers are able to gain access to view sensitive user information by accessing a list of sites and groups via the site membership assignment UI, due to improper validations of user permissions...

The vulnerability in the web interface of the Cisco Identity Services Engine, which allows a perpetrator to disclose protected information

The vulnerability of the Cisco Identity Services Engine’s network policy management web interface is related to the improper assignment of privileges. Exploiting this vulnerability could allow a malicious actor to disclose protected information...

Code injection

Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13, and 7.3 fix pack 2 does not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI...

CVE-2022-22189

An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...

Design/Logic Flaw

An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...

CVE-2022-22189 Contrail Service Orchestration: An authenticated local user may have their permissions elevated via the device via management interface without authentication

An Incorrect Ownership Assignment vulnerability in Juniper Networks Contrail Service Orchestration CSO allows a locally authenticated user to have their permissions elevated without authentication thereby taking control of the local system they are currently authenticated to. This issue affects:...

The vulnerability of the avi.c component of the VLC Media Player allows a hacker to cause a service failure.

The vulnerability of the avi.c component of the VLC Media Player media player is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

Code injection

A vulnerability has been identified in SIMATIC Energy Manager Basic All versions V7.3 Update 1, SIMATIC Energy Manager PRO All versions V7.3 Update 1. Affected applications improperly assign permissions to critical directories and files used by the application processes. This could allow a local...

CVE-2022-1316

Incorrect Permission Assignment for Critical Resource in GitHub repository zerotier/zerotierone prior to 1.8.8. Local Privilege Escalation...

CVE-2022-1316

CVE-2022-1316 affects zerotier/zerotierone prior to 1.8.8, with Local Privilege Escalation caused by incorrect permission assignments on a critical resource (notably in Windows via DLL hijacking as per Huntr). Impact is local, requiring no user interaction, and confidentiality/integrity/availabil...

CVE-2022-1316 Incorrect Permission Assignment for Critical Resource in zerotier/zerotierone

Incorrect Permission Assignment for Critical Resource in GitHub repository zerotier/zerotierone prior to 1.8.8. Local Privilege Escalation...

CVE-2022-0556

A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator ZAC version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator...

Privilege escalation

A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator ZAC version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator...

CVE-2022-0556

A local privilege escalation vulnerability caused by incorrect permission assignment in some directories of the Zyxel AP Configurator ZAC version 1.1.4, which could allow an attacker to execute arbitrary code as a local administrator...

The vulnerability of the gf_dashSegmenter_probe_input function in the MP4Box module of the GPAC multimedia platform allows a intruder to cause a service failure.

The vulnerability of the gfdashsegmenterprobeinput function in the MP4Box component of the GPAC multimedia platform is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...

Oracle Linux 7 / 8 : Unbreakable Enterprise kernel-container (ELSA-2022-9274)

The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9274 advisory. - KVM: x86/mmu: do compare-and-exchange of gPTE via the user address Paolo Bonzini Orabug: 34053807 CVE-2022-1158 - netfilter: nftables: initialize...

The vulnerability of the DumpTrackInfo function in the MP4Box command of the GPAC multimedia platform, related to pointer assignment errors, allows a violator to trigger a service failure.

The vulnerability of the DumpTrackInfo function in the MP4Box multimedia platform’s command is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...

Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2022-9260)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-9260 advisory. - drm/i915: Flush TLBs before releasing backing store Tvrtko Ursulin Orabug: 33835812 CVE-2022-0330 - drm/i915: Reduce locking in execlist command...