11 matches found
Incorrect Permission Assignment for Critical Resource
Overview xmo/mine-core is a mineadmin core package Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource due to login to the superAdmin account by using the default credentials. An attacker can execute arbitrary commands and gain full account...
EUVD-2023-42908
Malicious code in bioql PyPI...
CVE-2023-39173
In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access...
TeamCity Server < 2023.05.2 Multiple Vulnerabilities
According to its its self-reported version number, the version of JetBrains TeamCity running on the remote host is a version prior to 2023.05.2. It is, therefore, affected by multiple vulnerabilities: - In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain...
JetBrains TeamCity elevation of privilege vulnerability (CNVD-2023-62626)
JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A privilege vulnerability exists in JetBrains...
CVE-2023-39173
In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access...
CVE-2023-39173
In JetBrains TeamCity before 2023.05.2 a token with limited permissions could be used to gain full account access...
The vulnerability of the Grafana data visualization web tool, related to bypassing authentication through spoofing, allows attackers to gain full access to the user account.
The vulnerability of the Grafana data visualization web tool is related to the ability to bypass authentication through spoofing. Exploiting this vulnerability can allow a malicious actor to gain full access to the user account...
The vulnerability of the Samba network file system, related to errors during authentication procedures, allows a perpetrator to change the password of an arbitrary user and gain full access to that user’s account.
The vulnerability of the Samba network file system is related to errors during authentication procedures. Exploiting this vulnerability allows a malicious actor, operating remotely, to alter the password of an arbitrary user and gain full access to the account...
Zulip server authorization issue vulnerability
Zulip server is an open source team chat application from the American company Zulip. An authorization issue vulnerability exists in the new user registration process in Zulip server version 1.7.0 and later versions, which can be exploited by an attacker to gain full access to a user's account...
CVE-2018-18814
The TIBCO Spotfire authentication component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability in the handling of the authentication that theoretically may allow an attacker to gain full access to a target account,...