The vulnerability of the Android operating system from the CAF repository exists due to errors in pointer assignment, allowing attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Android operating system from the CAF repository is related to errors in pointer assignment at certain times. Exploiting this vulnerability can allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

CVE-2017-12711

An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.220170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges...

CVE-2017-12713

An Incorrect Permission Assignment for Critical Resource issue was discovered in Advantech WebAccess versions prior to V8.220170817. Multiple files and folders with ACLs that affect other users are allowed to be modified by non-administrator accounts...

Privilege escalation

An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.220170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges...

CVE-2017-12711

CVE-2017-12711 affects Advantech WebAccess prior to V8.2_20170817. The root cause is an Incorrect Privilege Assignment where a built-in user account has been granted a sensitive privilege, potentially allowing elevation to administrative privileges. Impact is elevated access with high severity (p...

CVE-2017-12713

Advantech WebAccess before version V8.2_20170817 is affected by CVE-2017-12713: Incorrect Permission Assignment for Critical Resource, where non-administrator accounts can modify multiple files/folders with ACLs that affect other users. This is a local-privilege-escalation issue rooted in access ...

CVE-2017-12711

An Incorrect Privilege Assignment issue was discovered in Advantech WebAccess versions prior to V8.220170817. A built-in user account has been granted a sensitive privilege that may allow a user to elevate to administrative privileges...

CVE-2017-12713

An Incorrect Permission Assignment for Critical Resource issue was discovered in Advantech WebAccess versions prior to V8.220170817. Multiple files and folders with ACLs that affect other users are allowed to be modified by non-administrator accounts...

CVE-2015-5293

Red Hat Enterprise Virtualization Manager 3.6 and earlier gives valid SLAAC IPv6 addresses to interfaces when "boot protocol" is set to None, which might allow remote attackers to communicate with a system designated to be unreachable...

The vulnerability of the ReadOneJNGImage function in the coder/png.c file of the console image editing tool ImageMagick allows a hacker to cause a service failure.

The vulnerability of the ReadOneJNGImage function in the coder/png.c file of the console image editing tool ImageMagick is related to pointer assignment errors. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using a specially crafted file...

Denial Of Service (DoS) Through Missing NULL Assignment

ImageMagick is vulnerable to denial of service DoS attacks. The attacks exist because coders/png.c is missing a NULL assignment, leading to bad free of memory in RelinquishMagickMemory in MagickCore/memory.c...

DEBIAN-CVE-2017-12671

In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service...

Design/Logic Flaw

In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service...

CVE-2017-12671

In ImageMagick 7.0.6-3, a missing NULL assignment was found in coders/png.c, leading to an invalid free in the function RelinquishMagickMemory in MagickCore/memory.c, which allows attackers to cause a denial of service...

Cross-site Request Forgery (CSRF)

Moodle is vulnerable to cross-site request forgery CSRF attacks. Leveraging a flaw in mod/assign/adminmanageplugins.php, attackers can hijack the authentication of administrators through requests that manage the Assignment plugins...

Bypass Intended Due-date Restrictions

Moodle is vulnerable to bypassing intended due-date restrictions. The vulnerability exists because savesubmission function in mod/assign/externallib.php fails to check due dates, allowing the students to add assignment beyond due dates...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2010. Notes: none...

Design/Logic Flaw

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none...

CVE-2017-1000082

systemd v233 and earlier fails to safely parse usernames starting with a numeric digit e.g. "0day", running the service in question with root privileges rather than the user intended...

The vulnerability of the WideVine DRM component for the Android operating system allows a violator to gain access to local files.

The vulnerability of the WideVine DRM component for the Android operating system is related to pointer assignment errors. Exploiting this vulnerability could allow a malicious actor to gain access to local files remotely...