Lucene search
K

10 matches found

Cvelist
Cvelist
added 2023/11/01 5:12 p.m.16 views

CVE-2023-5765

Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching...

9.8AI score0.00612EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/03/31 12:0 a.m.40 views

SUSE SLES15: python3-salt / salt / salt-api / salt-bash-completion / salt-cloud / etc (SUSE-SU-2022:1058-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:1058-1 advisory. - CVE-2022-22935: Sign authentication replies to prevent MiTM bsc1197417 - CVE-2022-22934: Sign pillar data to prevent MiTM attacks...

8.8CVSS6.8AI score0.01586EPSS
Exploits0References10
NVD
NVD
added 2021/05/28 2:15 p.m.35 views

CVE-2020-1729

A flaw was found in SmallRye's API through version 1.6.1. The API can allow other code running within the application server to potentially obtain the ClassLoader, bypassing any permissions checks that should have been applied. The largest threat from this vulnerability is a threat to data...

4.4CVSS0.00269EPSS
Exploits0References1
Prion
Prion
added 2019/09/27 6:15 p.m.24 views

Input validation

If a Content Security Policy CSP directive is defined that uses a hash-based source that takes the empty string as input, execution of any javascript: URIs will be allowed. This could allow for malicious JavaScript content to be run, bypassing CSP permissions. This vulnerability affects Firefox 6...

6.8CVSS6.7AI score0.01447EPSS
Exploits1References5Affected Software3
OpenVAS
OpenVAS
added 2018/04/30 12:0 a.m.10 views

Microsoft Windows 10: Restore files and directories

This security setting determines which users can bypass file, directory, registry, and other persistent object permissions when they restore backed up files and directories, and it determines which users can set valid security principals as the owner of an object. OpenVAS Vulnerability Test $Id:...

7.5AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/05/31 12:0 a.m.71 views

Ubuntu 14.04 LTS / 16.04 LTS : Sudo vulnerability (USN-3304-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3304-1 advisory. It was discovered that Sudo did not properly parse the contents of /proc/pid/stat when attempting to determine its controlling tty. A local attacker i...

6.9CVSS7.3AI score0.08018EPSS
Exploits8References2
Prion
Prion
added 2016/11/04 10:59 a.m.11 views

Design/Logic Flaw

Exponent CMS 2.4 uses PHP reflection to call a method of a controller class, and then uses the method name to check user permission. But, the method name in PHP reflection is case insensitive, and Exponent CMS permits undefined actions to execute by default, so an attacker can use a capitalized...

5CVSS7.4AI score0.01406EPSS
Exploits0References2Affected Software1
Ubuntu
Ubuntu
added 2012/06/28 5:3 p.m.37 views

USN-1485-1: AccountsService vulnerability

Florian Weimer discovered that AccountsService incorrectly handled privileges when copying certain files to the system cache directory. A local attacker could exploit this issue to read arbitrary files, bypassing intended permissions...

1.9CVSS5.5AI score0.00364EPSS
Exploits1
Cvelist
Cvelist
added 2010/07/28 7:32 p.m.24 views

CVE-2010-2896

IBM FileNet Content Manager CM 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage the InheritParentPermissions setting during an upgrade from 3.x, which might allow attackers to bypass intended folder permissions via unspecified vectors...

6.3AI score0.00907EPSS
Exploits0References3
Prion
Prion
added 2009/09/18 9:30 p.m.13 views

Design/Logic Flaw

vtiger CRM before 5.1.0 allows remote authenticated users to bypass the permissions on the 1 Account Billing Address and 2 Shipping Address fields in a profile by creating a Sales Order SO associated with that profile...

3.6CVSS6.8AI score0.00864EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder