3 matches found
CVE-2023-21174
In isPageSearchEnabled of BillingCycleSettings.java, there is a possible way for the guest user to change data limits due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
DEBIAN-CVE-2010-2242
Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directory tree...
CVE-2007-5987
The CVE-2007-5987 issue affects BtiTracker prior to 1.4.5. It allows remote attackers to bypass access protections via direct requests to details.php when guest torrent viewing is disabled, enabling reading torrent details and potentially modifying a torrent owned by a guest. Root cause is improp...