Lucene search
K

29 matches found

OSV
OSV
added 2024/08/17 9:15 a.m.2 views

DEBIAN-CVE-2024-42312

In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize iuid/igid Always initialize iuid/igid inside the sysfs core so setownership can safely skip setting them. Commit 5ec27ec735ba "fs/proc/procsysctl.c: fix the default values of iuid/igid on /proc/sys...

5.5CVSS5.4AI score0.00216EPSS
Exploits0References1
RedHat Linux
RedHat Linux
added 2024/08/08 4:53 a.m.4 views

kernel: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: create sysfs nodes as driver's default device attribute group The DisplayPort driver's sysfs nodes may be present to the userspace before typecaltmodesetdrvdata completes in dpaltmodeprobe. This...

5.5CVSS6.7AI score0.00225EPSS
Exploits0References5
OSV
OSV
added 2024/01/29 7:15 p.m.3 views

CVE-2023-22836

In cases where a multi-tenant stack user is operating Foundry’s Linter service, and the user changes a group name from the default value, the renamed value may be visible to the rest of the stack’s tenants...

5.4CVSS5.7AI score0.00259EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/29 12:0 a.m.7 views

Palantir Foundry Security Breach

Palantir Foundry is a business process management platform from US-based Palantir. A security vulnerability exists in Palantir Foundry Guardian versions prior to 2.278.0. An attacker who exploited the vulnerability to change the group name of a default value, the renamed value could be visible to...

5.4CVSS6.6AI score0.00259EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/18 12:0 a.m.6 views

Advantech R-SeeNet 安全漏洞

Advantech R-SeeNet is an industrial monitoring software from Advantech, China. An information disclosure vulnerability exists in Advantech R-SeeNet, which can be exploited by an attacker to obtain login credentials and the default SNMP group string from the snmpmon.ini file and use this informati...

9.8CVSS6.2AI score0.16652EPSS
Exploits1References2
Prion
Prion
added 2020/06/24 3:15 p.m.22 views

Design/Logic Flaw

ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges member is able to upload this. It is possible to bypass the MIME type check and file-extension check...

6.5CVSS9.1AI score0.0435EPSS
Exploits1References2Affected Software1
CNVD
CNVD
added 2016/09/20 12:0 a.m.1 views

SNMP Default Group Name Vulnerability in Fibre Channel Switch SW200 Devices

This product is a Fibre Channel switch. An SNMP default group name vulnerability exists in the Fibre Channel Switch SW200 device. An attacker can exploit the vulnerability to obtain sensitive system information, posing information leakage and operational security risks...

6.5AI score
Exploits0References1
OSV
OSV
added 2013/08/30 5:23 p.m.4 views

MGASA-2013-0263 Updated 389-ds-base packag fixes security vulnerabilies and incorrect group usage

Updated 389-ds-base packages fix security vulnerabilities: It was discovered that the 389 Directory Server did not honor defined attribute access controls when evaluating search filter expressions. A remote attacker with permission to query the Directory Server could use this flaw to determine th...

5CVSS6.3AI score0.02427EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2013/02/27 12:0 a.m.40 views

ipa security, bug fix and enhancement update

3.0.0-25.el6 - Filter generated winbind dependencies so the right version of samba can be installed. 905594 3.0.0-24.el6 - Add certmonger condrestart to server post scriptlet 903758 - Make certmonger a pre Requires 903758 - Add selinux-policy to Requirespre to avoid post scriptlet AVCs 903758 - S...

7.9CVSS9.1AI score0.01838EPSS
Exploits0
Rows per page
Query Builder