Improper access control

Improper Control of Dynamically-Managed Code Resources in GitHub repository budibase/budibase prior to 1.3.20...

CVE-2022-3225 Improper Control of Dynamically-Managed Code Resources in budibase/budibase

Improper Control of Dynamically-Managed Code Resources in GitHub repository budibase/budibase prior to 1.3.20...

CVE-2022-3225

CVE-2022-3225 affects budibase/budibase prior to 1.3.20, described as Improper Control of Dynamically-Managed Code Resources with an associated access-control weakness. The public documents also annotate this as an Improper Access Control vulnerability (GHSA and related advisories). Root cause ci...

GHSA-2JV3-V37P-65W3 CrafterCMS Crafter Studio Improperly Controls Dynamically-Managed Code Resources

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI...

GHSA-J6X3-3JQQ-M922 CrafterCMS OS Command Injection vulnerability

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass...

CVE-2022-40635

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass...

Design/Logic Flaw

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass...

CVE-2022-40635 Improper Control of Dynamically-Managed Code Resources in Crafter Studio

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass...

CVE-2022-40635

The CVE-2022-40635 entry describes an issue in Crafter CMS Crafter Studio titled “Improper Control of Dynamically-Managed Code Resources.” The connected advisories (e.g., GitHub GHSA-J6X3-3JQQ-M922 and OSV) reiterate that authenticated developers can execute operating system commands via a Groovy...

CVE-2022-40634

CVE-2022-40634 affects Crafter CMS Crafter Studio. The vulnerability arises from improper control of dynamically-managed code resources, enabling Server-Side Template Injection via FreeMarker (SSTI). Exploitation requires authenticated user credentials and can lead to OS command execution, as des...

PT-2022-25431 · Crafter Cms · Crafter Studio

Name of the Vulnerable Software and Affected Versions: Crafter Studio of Crafter CMS affected versions not specified Description: The issue allows authenticated developers to execute OS commands via FreeMarker SSTI due to improper control of dynamically-managed code resources. Recommendations: At...

GHSA-R6FX-55X3-F9X6 Crafter CMS Crafter Studio vulnerable to Improper Control of Dynamically-Managed Code Resources

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods...

Crafter CMS Crafter Studio vulnerable to Improper Control of Dynamically-Managed Code Resources

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods...

CVE-2021-23267

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods...

Design/Logic Flaw

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods...

CVE-2021-42809

Improper Access Control of Dynamically-Managed Code Resources DLL in Thales Sentinel Protection Installer could allow the execution of arbitrary code...

Improper access control

Improper Access Control of Dynamically-Managed Code Resources DLL in Thales Sentinel Protection Installer could allow the execution of arbitrary code...

CVE-2021-42809

Technical details about CVE-2021-42809 are not publicly provided in the supplied documents; no affected products, exact impact, or fixes are specified beyond the general description. Monitor for updates from vendors.

Thales Sentinel Protection Installer 访问控制错误漏洞

Thales Group Thales Sentinel Protection Installer is an integrated installer from Thales Group, France. The Thales Sentinel Protection Installer suffers from an access control error vulnerability that stems from improper access control to dynamically managed code resources DLLs in the Thales...

CVE-2021-22387

There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands...