Lucene search
K

76 matches found

CVE
CVE
added 2022/02/04 10:29 p.m.66 views

CVE-2021-44204

The CVE-2021-44204 entry concerns a local privilege escalation via named pipes caused by improper access control checks. Affected Windows products and builds include: Acronis Cyber Protect 15 before 28035, Acronis Agent before 27147, Acronis Cyber Protect Home Office before 39612, and Acronis Tru...

7.8CVSS7.9AI score0.00197EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2021/07/07 12:0 a.m.6 views

PT-2021-16931 · Joomla · Joomla!

Name of the Vulnerable Software and Affected Versions: Joomla! versions 2.5.0 through 3.9.27 Description: An issue was discovered in the install action of com installer, where it lacks the required hardcoded ACL checks for superusers. However, a default system is not affected because the default...

7.5CVSS7.2AI score0.01209EPSS
Exploits0References6
Fedora
Fedora
added 2020/07/01 1:51 a.m.27 views

[SECURITY] Fedora 32 Update: lynis-3.0.0-1.fc32

Lynis is an auditing and hardening tool for Unix/Linux and you might even c all it a compliance tool. It scans the system and installed software. Then it performs many individual security control checks. It determines the hardeni ng state of the machine, detects security issues and provides...

4.2CVSS0.8AI score0.00365EPSS
Exploits0
Fedora
Fedora
added 2020/07/01 1:37 a.m.28 views

[SECURITY] Fedora 31 Update: lynis-3.0.0-1.fc31

Lynis is an auditing and hardening tool for Unix/Linux and you might even c all it a compliance tool. It scans the system and installed software. Then it performs many individual security control checks. It determines the hardeni ng state of the machine, detects security issues and provides...

4.2CVSS0.8AI score0.00365EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2020/04/01 1:53 a.m.31 views

CVE-2018-10919

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions...

6.5CVSS2.8AI score0.02195EPSS
Exploits0References2
CNVD
CNVD
added 2020/03/13 12:0 a.m.6 views

Joomla! access control error vulnerability (CNVD-2020-20997)

Joomla! is the U.S. Open Source Matters team of a set of PHP and MySQL development using open source , cross-platform content management system CMS. An access control error vulnerability exists in Joomla! versions 2.5.0 through 3.9.15, which stems from a failure to perform ACL checks for various...

7.5CVSS6.9AI score0.05578EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2019/12/04 12:0 a.m.34 views

EulerOS 2.0 SP2 : samba (EulerOS-SA-2019-2484)

According to the version of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated...

6.5CVSS6.7AI score0.02195EPSS
Exploits0References2
Prion
Prion
added 2019/11/14 9:15 p.m.21 views

Improper access control

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fdssyspassDebugPasswdret. The...

6.4CVSS9.3AI score0.01323EPSS
Exploits1References2Affected Software9
Cvelist
Cvelist
added 2019/11/14 8:15 p.m.34 views

CVE-2019-15803

An issue was discovered on Zyxel GS1900 devices with firmware before 2.50AAHH.0C0. Through an undocumented sequence of keypresses, undocumented functionality is triggered. A diagnostics shell is triggered via CTRL-ALT-t, which prompts for the password returned by fdssyspassDebugPasswdret. The...

9.4AI score0.01323EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2019/10/03 12:0 a.m.22 views

The vulnerability in the IOx application environment for the Cisco IOS operating system allows a hacker to elevate their privileges to the root level.

The vulnerability in the IOx application environment for the Cisco IOS operating system is related to errors during role-based access control checks. Exploiting this vulnerability allows a malicious actor to elevate their privileges to the root level...

9.9CVSS5.5AI score0.0235EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2019/03/29 12:0 a.m.48 views

SUSE SLED15 / SLES15 Security Update : kernel (SUSE-SU-2019:0784-1)

The SUSE Linux Enterprise 15 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-2024: A use-after-free when disconnecting a source was fixed which could lead to crashes. bnc1129179. CVE-2019-9213: expanddownwards in mm/mmap.c lacks a che...

8.1CVSS6.4AI score0.16523EPSS
Exploits13References234
OpenVAS
OpenVAS
added 2019/02/19 12:0 a.m.45 views

openSUSE: Security Advisory for kernel (openSUSE-SU-2019:0203-1)

The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.1CVSS7.6AI score0.16523EPSS
Exploits7References2
Tenable Nessus
Tenable Nessus
added 2019/02/19 12:0 a.m.80 views

openSUSE Security Update : the Linux Kernel (openSUSE-2019-203)

The openSUSE Leap 15.0 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2019-3459,CVE-2019-3460: Two information leaks in the bluetooth stack were fixed. bnc1120758. - CVE-2019-7221: A use-after-free in the KVM nVMX hrtimer was fixed...

8.1CVSS7.1AI score0.16523EPSS
Exploits7References73
Prion
Prion
added 2018/08/22 5:29 p.m.38 views

Information disclosure

The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are...

4CVSS6.1AI score0.02195EPSS
Exploits0References7Affected Software3
OSV
OSV
added 2018/01/25 4:29 p.m.6 views

UBUNTU-CVE-2017-15365

sql/eventdataobjects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language DDL statemen...

8.8CVSS7.4AI score0.03287EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2018/01/10 12:0 a.m.56 views

openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2018-14)

This update for java-170-openjdk fixes the following issues : Security issues fixed : - CVE-2017-10356: Fix issue inside subcomponent Security bsc1064084. - CVE-2017-10274: Fix issue inside subcomponent Smart Card IO bsc1064071. - CVE-2017-10281: Fix issue inside subcomponent Serialization...

9.8CVSS7.6AI score0.16181EPSS
Exploits2References88
Tenable Nessus
Tenable Nessus
added 2017/08/18 12:0 a.m.51 views

Ubuntu 14.04 LTS : OpenJDK 7 vulnerabilities (USN-3396-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3396-1 advisory. It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a...

9.6CVSS7.7AI score0.05034EPSS
Exploits0References21
RedHat Linux
RedHat Linux
added 2017/08/14 9:48 a.m.5 views

OpenJDK: insufficient access control checks in XML transformations (JAXP, 8172469)

Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE subcomponent: JAXP. Supported versions that are affected are Java SE: 6u151, 7u141 and 8u131; Java SE Embedded: 8u131. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple...

9.6CVSS7.4AI score0.02555EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2017/07/26 12:0 a.m.85 views

Amazon Linux AMI : java-1.8.0-openjdk (ALAS-2017-860)

Incorrect enforcement of certificate path restrictions : It was discovered that the Security component of OpenJDK could fail to properly enforce restrictions defined for processing of X.509 certificate chains. A remote attacker could possibly use this flaw to make Java accept certificate using on...

9.6CVSS7.5AI score0.03524EPSS
Exploits0References18
Fedora
Fedora
added 2017/06/09 7:36 p.m.20 views

[SECURITY] Fedora 26 Update: lynis-2.5.0-1.fc26

Lynis is an auditing and hardening tool for Unix/Linux and you might even c all it a compliance tool. It scans the system and installed software. Then it performs many individual security control checks. It determines the hardeni ng state of the machine, detects security issues and provides...

7.8CVSS0.8AI score0.00426EPSS
Exploits0
Rows per page
Query Builder