3969 matches found
The vulnerability of the WS-Security plugin in the gSOAP software development environment allows a attacker to cause a service failure.
The vulnerability of the WS-Security plugin in the gSOAP software development environment is related to errors in pointer assignment during SOAP request processing. Exploiting this vulnerability allows an attacker to cause service failures by sending specially crafted HTTP requests...
CVE-2021-43065
A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data...
Code injection
A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data...
CVE-2021-43065
A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data...
CVE-2021-43065
CVE-2021-43065 affects Fortinet FortiNAC (versions 9.2.0, 9.1.3 and below, 8.8.9 and below). Root cause: incorrect permission assignment to a critical resource, enabling an attacker with access to sensitive system data to elevate privileges. Public references describe this as improper permissions...
CVE-2021-43065
A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to sensitive system data...
The vulnerability of the IPPUSB discriver, a traffic analyzer for computer networks by Wireshark, allows a hacker to cause a service failure.
The vulnerability of the IPPUSB discriver and the traffic analyzer for computer networks by Wireshark is related to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor, operating remotely, to cause service failures by injecting specially created packets...
The vulnerability of the Modbus analyzer component in Wireshark allows a hacker to trigger a service failure.
The vulnerability of the Modbus analyzer component in Wireshark relates to pointer assignment errors. Exploiting this vulnerability can allow a malicious actor to cause service failures by injecting specially created packets...
The vulnerability of the Adobe Media Encoder application, related to the swapping of the zero pointer, allows a perpetrator to cause service interruptions.
The vulnerability of the Adobe Media Encoder application relates to the assignment of a zero pointer. Exploiting this vulnerability could allow an attacker to cause service interruptions...
Orangescrum 1.8.0 Privilege Escalation
Exploit Title: orangescrum 1.8.0 - Privilege escalation Authenticated Date: 07/10/2021 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Company: https://redteam.pl Vendor Homepage: https://www.orangescrum.org/ Software Link: https://www.orangescrum.org/ Version: 1.8.0 Teste...
CVE-2021-28707
PoD operations on misaligned GFNs This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. x86 HVM and PVH guests may be started in populate-on-demand PoD mode, to provide a way for them to later easily have more memory assigne...
CVE-2018-13944
CVE-2018-13944 entry is rejected and not used; it does not represent an active vulnerability.
CVE-2021-26248
Philips MRI 1.5T and MRI 3T Version 5.x.x assigns an owner who is outside the intended control sphere to a resource...
CVE-2021-26248
Philips MRI 1.5T and MRI 3T Version 5.3 through 5.8.1 does not restrict or incorrectly restricts access to a resource from an unauthorized actor...
CVE-2021-26248 Philips MRI 1.5T and 3T Incorrect Ownership Assignment
Philips MRI 1.5T and MRI 3T Version 5.3 through 5.8.1 does not restrict or incorrectly restricts access to a resource from an unauthorized actor...
The vulnerability of the Windows Hyper-V Discrete Device Assignment (DDA) component of the operating system allows a hacker to trigger a service failure.
The vulnerability of the Windows Hyper-V Discrete Device Assignment DDA component of the operating system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause a service failure...
in janeczku/calibre-web
Description A user with no permissions about public shelves can edit his own private shelf making it public. This vulnerability is called Mass Assignment. Proof of Concept The file shelf.py at line 247 sets as public every shelf to be edited, so if the user injects the parameter ispublic=on in th...
setGuardian() Wrong implementation
Handle WatchPug Vulnerability details function setGuardianaddress guardian external onlyGovernance; governance = guardian; function setGuardianaddress guardian external onlyGovernance; governance = guardian; governance = guardian should be guardian = guardian. --- The text was updated successfull...
Samba Security Vulnerability (CVE-2013-0454)
A share configuration Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify i...
CVE-2021-42274
Windows Hyper-V Discrete Device Assignment DDA Denial of Service Vulnerability...