Lucene search
K

109 matches found

Fedora
Fedora
added 2023/04/17 1:22 a.m.15 views

[SECURITY] Fedora 38 Update: polkit-122-3.fc38.1

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...

6.7AI score
Exploits0
OSV
OSV
added 2023/04/05 9:30 p.m.20 views

GHSA-F8R8-H93M-MJ77 HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation

HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. This issue is fixed in version 1.5.3...

8.8CVSS9.1AI score0.00759EPSS
Exploits0References3
OSV
OSV
added 2023/04/05 8:15 p.m.10 views

CVE-2023-1782

HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. This issue is fixed in version 1.5.3...

9.8CVSS9.5AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2023/04/05 8:15 p.m.25 views

CVE-2023-1782

HashiCorp Nomad and Nomad Enterprise versions 1.5.0 up to 1.5.2 allow unauthenticated users to bypass intended ACL authorizations for clusters where mTLS is not enabled. This issue is fixed in version 1.5.3...

9.9CVSS7.2AI score0.00759EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/03/14 5:5 a.m.35 views

CVE-2023-27500 Directory Traversal vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform

An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. In this attack, no data can be read but potentially critical OS files can be over-written making the system unavailable...

9.6CVSS9.3AI score0.00982EPSS
Exploits0References2
OSV
OSV
added 2022/12/20 7:15 p.m.3 views

CVE-2022-43875

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034...

5.5CVSS5.9AI score0.00183EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2022/12/20 6:45 p.m.5 views

CVE-2022-43875 IBM Financial Transaction Manager for SWIFT Services for Multiplatforms denial of service

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow an authenticated user to lock additional RM authorizations, resulting in a denial of service on displaying or managing these authorizations. IBM X-Force ID: 240034...

6.2CVSS6.2AI score0.00183EPSS
Exploits0References2
NVD
NVD
added 2022/08/31 11:15 p.m.45 views

CVE-2022-36051

ZITADEL combines the ease of Auth0 and the versatility of Keycloak.Actions, introduced in ZITADEL 1.42.0 on the API and 1.56.0 for Console, is a feature, where users with role.ORGOWNER are able to create Javascript Code, which is invoked by the system at certain points during the login. Actions,...

8.8CVSS0.00788EPSS
Exploits0References3
Prion
Prion
added 2022/08/31 11:15 p.m.24 views

Authorization

ZITADEL combines the ease of Auth0 and the versatility of Keycloak.Actions, introduced in ZITADEL 1.42.0 on the API and 1.56.0 for Console, is a feature, where users with role.ORGOWNER are able to create Javascript Code, which is invoked by the system at certain points during the login. Actions,...

6.5CVSS8.6AI score0.00788EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2022/07/01 12:0 a.m.23 views

Tuleap Information Disclosure Vulnerability

Tuleap is an application lifecycle management system that facilitates agile software development, design projects, V-modeling, requirements management and IT service management. An information disclosure vulnerability exists in versions prior to Tuleap 13.9.99.58 that stems from not properly...

4.3CVSS4.2AI score0.0089EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/03/04 12:0 a.m.8 views

Fedora: Security Advisory for polkit (FEDORA-2022-5e6d5fe680)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.5CVSS6AI score0.0053EPSS
Exploits1References2
Fedora
Fedora
added 2022/03/03 3:50 p.m.34 views

[SECURITY] Fedora 34 Update: polkit-0.117-3.fc34.3

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...

5.5CVSS2.6AI score0.0053EPSS
Exploits1
OpenVAS
OpenVAS
added 2022/02/13 12:0 a.m.20 views

Huawei EulerOS: Security Advisory for polkit (EulerOS-SA-2022-1090)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.3AI score0.22193EPSS
Exploits37References4
Fedora
Fedora
added 2022/01/26 11:42 p.m.68 views

[SECURITY] Fedora 34 Update: polkit-0.117-3.fc34.2

polkit is a toolkit for defining and handling authorizations. It is used for allowing unprivileged processes to speak to privileged processes...

7.8CVSS2.6AI score0.94921EPSS
Exploits151
NVD
NVD
added 2021/11/10 4:15 p.m.23 views

CVE-2021-40504

A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, contains transport authorizations, which exceed expected display only permissions...

4.9CVSS0.00612EPSS
Exploits0References2
OSV
OSV
added 2021/11/10 4:15 p.m.3 views

CVE-2021-40504

A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, contains transport authorizations, which exceed expected display only permissions...

4.9CVSS7.1AI score0.00612EPSS
Exploits0References2
Prion
Prion
added 2021/11/10 4:15 p.m.19 views

Code injection

A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, contains transport authorizations, which exceed expected display only permissions...

4CVSS5.2AI score0.00612EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/11/10 3:29 p.m.28 views

CVE-2021-40504

A certain template role in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, contains transport authorizations, which exceed expected display only permissions...

5.5AI score0.00612EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/11/10 3:27 p.m.28 views

CVE-2021-40503

An information disclosure vulnerability exists in SAP GUI for Windows - versions 7.60 PL13, 7.70 PL4, which allows an attacker with sufficient privileges on the local client-side PC to obtain an equivalent of the user’s password. With this highly sensitive data leaked, the attacker would be able ...

7.1AI score0.00218EPSS
Exploits0References2
Fedora
Fedora
added 2021/11/08 1:15 a.m.13 views

[SECURITY] Fedora 33 Update: rpki-client-7.4-1.fc33

The OpenBSD rpki-client is a free, easy-to-use implementation of the Resource Public Key Infrastructure RPKI for Relying Parties RP to facilitate validation of the Route Origin of a BGP announcement. The program queries the RPKI repository system, downloads and validates Route Origin Authorisatio...

7AI score
Exploits0
Rows per page
Query Builder