3985 matches found
CVE-2022-1225 Incorrect Privilege Assignment in phpipam/phpipam
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...
phpIPAM 安全漏洞
phpIPAM is an open source PHP and MySQL based IP address management application IPAM. A security vulnerability exists in versions prior to phpipam 1.4.6 that stems from incorrect privilege assignment in the application...
The vulnerability of the trak_box_size function in the MP4Box command of the GPAC multimedia platform allows a perpetrator to cause a service failure.
The vulnerability of the trakboxsize function in the MP4Box multimedia platform’s command set is related to pointer assignment errors. Exploiting this vulnerability allows a remote attacker to trigger a service failure using a specially created file...
CLSA-2022-1647550845 Fix of CVE: CVE-2021-21708
CVE-2021-21708: move releasing of zval, so it is released only after assignment of a new zval...
CLSA-2022-1647550779 Fix of CVE: CVE-2021-21708
CVE-2021-21708: move releasing of zval, so it will be after assigning a new zval...
CVE-2022-21946
A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory...
Code injection
A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory...
CVE-2022-21946 suddoers configuration for cscreen not restrictive enough
A Incorrect Permission Assignment for Critical Resource vulnerability in the sudoers configuration in cscreen of openSUSE Factory allows any local users to gain the privileges of the tty and dialout groups and access and manipulate any running cscreen seesion. This issue affects: openSUSE Factory...
CVE-2022-21946
CVE-2022-21946 is a local privilege vulnerability in openSUSE Factory cscreen caused by an incorrect permission assignment in the sudoers configuration, letting any local user gain tty and dialout group privileges and manipulate running cscreen sessions. Affected: cscreen versions 1.2–1.3 and ear...
CVE-2022-20051
In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127...
CVE-2022-20051
In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127...
CVE-2022-20051
In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127...
Privilege escalation
In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127...
CVE-2022-20051
In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127...
CVE-2022-20051
CVE-2022-20051 affects the ims service and is linked to incorrect privilege assignment that can cause unexpected application behavior and local denial of service without requiring user interaction or additional privileges. The vulnerability is mitigated by patch ALPS06219127 (Issue ALPS06219127);...
CVE-2021-4199
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...
Code injection
Incorrect Permission Assignment for Critical Resource vulnerability in the crash handling component BDReinit.exe as used in Bitdefender Total Security, Internet Security, Antivirus Plus, Endpoint Security Tools for Windows allows a remote attacker to escalate local privileges to SYSTEM. This issu...
CVE-2021-24977
The Use Any Font | Custom Font Uploader WordPress plugin before 6.2.1 does not have any authorisation checks when assigning a font, allowing unauthenticated users to sent arbitrary CSS which will then be processed by the frontend for all users. Due to the lack of sanitisation and escaping in the...
PT-2022-9543 · WordPress · Use Any Font | Custom Font Uploader
Name of the Vulnerable Software and Affected Versions: Use Any Font | Custom Font Uploader WordPress plugin versions prior to 6.2.1 Description: The issue allows unauthenticated users to send arbitrary CSS, which will be processed by the frontend for all users. This is due to the lack of...
CVE-2020-36516
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session...