124 matches found
CVE-2023-40076
In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials from other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2023-40076
In createPendingIntent of CredentialManagerUi.java, there is a possible way to access credentials from other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
Cross site scripting
A vulnerability in the web-based management interface of a small subset of Cisco IP Phones could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface on an affected device. This vulnerability is due to insufficient validation ...
PT-2023-20556 · Watchguard · Watchguard Epdr
Name of the Vulnerable Software and Affected Versions: WatchGuard EPDR version 8.0.21.0002 Description: An issue was discovered due to a weak implementation of a password check, making it possible to obtain credentials to access the management console as a non-privileged user. Recommendations: Fo...
CVE-2023-40345
Jenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to...
CVE-2021-25748 Ingress-nginx `path` sanitization can be bypassed with newline character
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the spec.rules.http.paths.path field of an Ingress object in the networking.k8s.io or extensions API group to obtain the credentials of...
CVE-2023-31404
Under certain conditions, SAP BusinessObjects Business Intelligence Platform Central Management Service - versions 420, 430, allows an attacker to access information which would otherwise be restricted. Some users with specific privileges could have access to credentials of other users. It could...
CVE-2023-31404 Information Disclosure in SAP BusinessObjects Business Intelligence Platform (Central Management Service)
Under certain conditions, SAP BusinessObjects Business Intelligence Platform Central Management Service - versions 420, 430, allows an attacker to access information which would otherwise be restricted. Some users with specific privileges could have access to credentials of other users. It could...
Cross site scripting
In Zinc, versions v0.1.9 through v0.3.1 are vulnerable to Stored Cross-Site Scripting when using the delete template functionality. When an authenticated user deletes a template with a XSS payload in the name field, the Javascript payload will be executed and allow an attacker to access the user’...
Automattic: IDOR in API applications (able to see any API token, leads to account takeover)
Summary: Hi, @ehtis, thank you for the test account. Here is a critical report. : On Pressable, we can create API applications at https://my.pressable.com/api/applications, and we can access many things using the API token via following the API docs I created an API application and tried to updat...
PT-2022-23205 · Blue Prism · Blue Prism Enterprise
Name of the Vulnerable Software and Affected Versions: Blue Prism Enterprise versions 6.0 through 7.01 Description: The issue allows an authenticated user to reverse engineer the software and bypass access controls for an administrative function in a misconfigured environment where the Blue Prism...
Information disclosure
Information Exposure vulnerability in My Account Settings of Devolutions Remote Desktop Manager before 2022.1.8 allows authenticated users to access credentials of other users. This issue affects: Devolutions Remote Desktop Manager versions prior to 2022.1.8...
CVE-2022-2221
CVE-2022-2221 concerns an Information Exposure vulnerability in the Devolutions Remote Desktop Manager product. The issue affects versions prior to 2022.1.8 and resides in the My Account Settings area, where authenticated users could access credentials of other users. The connected documents conf...
PT-2022-3162 · Emerson · Emerson Openbsi
Name of the Vulnerable Software and Affected Versions: Emerson OpenBSI through 2022-04-29 Description: The issue is related to the use of weak cryptography in Emerson OpenBSI, an engineering environment for the ControlWave and Bristol Babcock line of RTUs. Specifically, DES with hardcoded...
Code injection
Jenkins Pipeline SCM API for Blue Ocean Plugin 1.25.3 and earlier allows attackers with Job/Configure permission to access credentials with attacker-specified IDs stored in the private per-user credentials stores of any attacker-specified user in Jenkins...
Improper Input Validation
A security issue was discovered in ingress-nginx where a user that can create or update ingress objects can use the spec.rules.http.paths.path field of an Ingress object in the networking.k8s.io or extensions API group to obtain the credentials of the ingress-nginx controller. In the default...
Information Disclosure
curl is vulnerable to information disclosure. The vulnerability exists due to improper security validations which allows an attacker to gain access to credentials of other servers...
PT-2022-18303 · Jenkins · Jenkins Release Helper Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins Release Helper Plugin versions 1.3.3 and earlier Description: A missing permission check in the plugin allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials...
MongoDb For Vs Code 安全漏洞
MongoDb For Vs Code is for connecting to MongoDb and Atlas directly from a Vs Code environment, navigating databases and collections, examining the architecture and prototyping queries and aggregations using Playground. A security vulnerability in MongoDb For Vs Code, which arises from a user wit...
DEBIAN-CVE-2021-43057
An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinuxptracetraceme aka the SELinux handler for PTRACETRACEME could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac0a. This occurs because of an attempt to access the...