Lucene search
K

435 matches found

BDU FSTEC
BDU FSTEC
added 2024/08/05 12:0 a.m.7 views

The vulnerability of the adminPushRules function in the Project-level Deploy Token Handler component of the software platform based on Git, which facilitates collaborative code development in GitLab. This vulnerability allows a malicious user to create deployment tokens at the project level.

The vulnerability of the adminPushRules function in the Project-level Deploy Token Handler component of the software platform based on Git for collaborative code development on GitLab is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to crea...

5.5CVSS5.5AI score0.00328EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/01 12:0 a.m.7 views

The vulnerability of the Canvas component in Google Chrome and Microsoft Edge browsers allows attackers to gain unauthorized access to limited functionality.

The vulnerability of the Canvas component in Google Chrome and Microsoft Edge is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to limited functionality...

10CVSS5.4AI score
Exploits0References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2024/07/31 12:0 a.m.5 views

The vulnerability of the Programming Software Connection component of AutomationDirect P3-550E allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Programming Software Connection component of AutomationDirect P3-550E microprogrammed logic controllers is related to lack of access control measures. Exploiting this vulnerability could allow an attacker to gain access to confidential information...

7.8CVSS5.4AI score0.0096EPSS
Exploits1References5Affected Software6
BDU FSTEC
BDU FSTEC
added 2024/07/24 12:0 a.m.9 views

The vulnerability of the Bitbucket Credentials Handler component of the Git-based software platform allows a hacker to gain control of a GitLab account associated with a Bitbucket account of another user, provided that Bitbucket is used as an OAuth 2.0 provider in GitLab.

The vulnerability of the Bitbucket Credentials Handler component of the Git-based software platform for collaborative code development on GitLab is related to inadequate access control mechanisms. Exploiting this vulnerability could allow a malicious actor to gain control over a GitLab account...

8.5CVSS5.5AI score0.14903EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/17 12:0 a.m.7 views

The vulnerability of the IBM Security Guardium information protection tool lies in its lack of access control mechanisms, allowing attackers to enhance their privileges.

The vulnerability of the IBM Security Guardium security tool is related to deficiencies in access control. Exploiting this vulnerability could allow attackers to enhance their privileges...

7.8CVSS5.5AI score0.00193EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/15 12:0 a.m.7 views

The vulnerability in the exec-path configuration of the dockerd daemon on the Docker Desktop operating system for development and container application delivery platforms allows a attacker to trigger a service failure.

The vulnerability of the exec-path configuration in the dockerd daemon of the Docker Desktop operating system for container application development and delivery involves deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service failures...

6.1CVSS6.7AI score0.00374EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/12 12:0 a.m.7 views

The vulnerability of Netgear WNR614 N300 Wi-Fi router’s microprogramming software, related to permission processing errors, allows a intruder to gain unauthorized access to protected information.

The vulnerability of Netgear WNR614 N300 Wi-Fi router’s microprogramming software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.5CVSS5.5AI score0.00335EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/07/10 12:0 a.m.7 views

The vulnerability of Kubernetes cluster extensions that support Azure Arc, related to access control deficiencies, allows attackers to escalate their privileges.

The vulnerability of Kubernetes cluster extensions that support Azure Arc is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

6.2CVSS7.7AI score0.00888EPSS
Exploits0References2Affected Software7
BDU FSTEC
BDU FSTEC
added 2024/06/21 12:0 a.m.6 views

The vulnerability of the Adobe Experience Manager (AEM) content and media data management system, related to inadequate access control mechanisms, allows attackers to circumvent existing security restrictions.

The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions remotely...

7.8CVSS5.5AI score0.00882EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/03 7:5 p.m.32 views

CVE-2024-31684

Incorrect access control in the fingerprint authentication mechanism of Bitdefender Mobile Security v4.11.3-gms allows attackers to bypass fingerprint authentication due to the use of a deprecated API...

6.8AI score0.0023EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/05/27 12:0 a.m.8 views

The vulnerability of the vbluetooth components in VMware Fusion and Vmware Workstation allows a hacker to gain unauthorized access to protected information.

The vulnerability of the vbluetooth components in VMware Fusion and Vmware Workstation is related to lack of access control mechanisms. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...

7.1CVSS6.5AI score0.00505EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.6 views

Vulnerability of the Server component: The DML of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...

6.1CVSS6.2AI score0.00986EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/15 12:0 a.m.5 views

Vulnerability of the Server component: The DML of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...

6.1CVSS6.2AI score0.00962EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/16 12:0 a.m.5 views

PT-2024-3488 · Brocade · Brocade Sannav

Name of the Vulnerable Software and Affected Versions: Brocade SANnav versions affected versions not specified Description: The issue is related to inadequate access control in the software, which could allow a remote attacker to impact the confidentiality, integrity, and availability of protecte...

7.7CVSS7AI score0.00848EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/04/09 12:0 a.m.8 views

PT-2024-2831 · Microsoft · Defender For Iot

Name of the Vulnerable Software and Affected Versions: Microsoft Defender for IoT affected versions not specified Description: The issue is related to insufficient access control in Microsoft Defender for IoT, which could allow a remote attacker to elevate their privileges. Recommendations: At th...

9CVSS8.9AI score0.02291EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2024/04/02 12:0 a.m.9 views

The vulnerability of the command-line interface (CLI) of Cisco IOS XE wireless access controller devices allows attackers to increase their privileges.

The vulnerability of the command-line interface CLI of Cisco IOS XE wireless LAN controller systems is related to deficiencies in access control due to the use of the show and show tech wireless commands in WLAN configuration. Exploiting this vulnerability can allow an attacker to increase their...

5.5CVSS5.5AI score0.00146EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2024/03/29 7:5 p.m.27 views

GHSA-CJ3C-5XPM-CX94 Kimai API returns timesheet entries a user should not be authorized to view

Summary The permission viewothertimesheet performs differently for the Kimai UI and the API, thus returning unexpected data through the API. Details When setting the viewothertimesheet permission to true, on the frontend, users can only see timesheet entries for teams they are a part of. When...

6.8CVSS6.3AI score0.00644EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2024/03/29 7:5 p.m.46 views

Kimai API returns timesheet entries a user should not be authorized to view

Summary The permission viewothertimesheet performs differently for the Kimai UI and the API, thus returning unexpected data through the API. Details When setting the viewothertimesheet permission to true, on the frontend, users can only see timesheet entries for teams they are a part of. When...

6.8CVSS6.3AI score0.00644EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/02/12 12:0 a.m.5 views

The vulnerability of the Kernel-mode operating system driver in Windows allows a hacker to increase their privileges.

The vulnerability of the Kernel-mode operating system drivers in Windows is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to enhance their privileges...

7.8CVSS7.3AI score0.00757EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/02/06 12:0 a.m.4 views

Qualcomm Chipsets Security Vulnerability

Qualcomm Chipsets are a family of chipsets from Qualcomm Incorporated USA. A security vulnerability exists in Qualcomm Chipsets that stems from improper access control in HAB leading to memory corruption in automotive multimedia...

8.4CVSS6.9AI score0.00097EPSS
Exploits0References2
Rows per page
Query Builder