Lucene search
K

15 matches found

Rosalinux
Rosalinux
added 2026/06/01 12:20 p.m.43 views

Advisory ROSA-SA-2026-3308

CVE-ID: CVE-2020-24332 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: The vulnerability in the tcsd daemon of the TrouSerS package relates to the possibility of attacks through symbolic links when creating the system.data file. It allows a local malicious actor tss user to create or damage arbitrar...

7.8CVSS5.9AI score0.00553EPSS
Exploits3
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2017-6758

Malware in sbrugna...

7.8CVSS7.7AI score0.00379EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-52387

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00162EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/04 12:0 a.m.5 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An improper access rights vulnerability exists in the Huawei HarmonyOS process management module, which can be exploited by an attacker to compromise...

6.8CVSS6.7AI score0.00098EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/03/04 12:0 a.m.5 views

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An improper access rights vulnerability exists in the Huawei HarmonyOS HDC module, which can be exploited by an attacker to compromise service confidentialit...

6.2CVSS6.7AI score0.001EPSS
Exploits0References3
NVD
NVD
added 2023/09/14 11:15 a.m.30 views

CVE-2023-38557

A vulnerability has been identified in Spectrum Power 7 All versions V23Q3. The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...

8.2CVSS8.1AI score0.0015EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2023/07/06 12:0 a.m.5 views

The vulnerability of the command-line interface (CLI) of Juniper Networks’ Junos OS Evolved operating system, which allows a hacker to execute arbitrary commands.

The vulnerability of the command-line interface CLI of Juniper Networks’ Junos OS Evolved operating system is related to the improper assignment of access rights to critical resources. Exploiting this vulnerability allows an attacker to execute arbitrary commands...

7.3CVSS7.5AI score0.00182EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/06/14 10:15 a.m.3 views

CVE-2022-31465

A vulnerability has been identified in Xpedition Designer VX.2.10 All versions VX.2.10 Update 13, Xpedition Designer VX.2.11 All versions VX.2.11 Update 11, Xpedition Designer VX.2.12 All versions VX.2.12 Update 5, Xpedition Designer VX.2.13 All versions VX.2.13 Update 1. The affected application...

7.8CVSS5.9AI score0.00201EPSS
Exploits0References1
CVE
CVE
added 2021/11/09 11:32 a.m.45 views

CVE-2021-37207

CVE-2021-37207 affects Siemens SENTRON powermanager V3 (All versions). The vulnerability arises from improper access rights on a folder containing configuration files, enabling an authenticated local attacker to inject arbitrary code and escalate privileges. Siemens released a patch for powermana...

7.8CVSS7.6AI score0.0021EPSS
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/04/27 12:0 a.m.6 views

The vulnerability of Firefox browser, related to the improper assignment of access rights for critical resources, allows attackers to gain unauthorized access to information.

The vulnerability of Firefox browsers is related to the improper assignment of access rights for critical resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to information...

7.1CVSS7.1AI score0.01031EPSS
Exploits0References10Affected Software6
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.4 views

The vulnerability of Google Chrome, related to the improper assignment of access rights for critical resources, allows a perpetrator to gain unauthorized access to protected information and compromise its integrity and accessibility.

The vulnerability of Google Chrome relates to the improper assignment of access rights for a critical resource. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information and compromise its integrity and accessibility through a specially created HTML fil...

9.3CVSS7.3AI score0.01434EPSS
Exploits0References11Affected Software5
BDU FSTEC
BDU FSTEC
added 2020/04/23 12:0 a.m.6 views

The vulnerability of Google Chrome, related to the improper assignment of access rights for critical resources, allows a perpetrator to gain unauthorized access to protected information and compromise its integrity and accessibility.

The vulnerability of Google Chrome relates to the improper assignment of access rights for a critical resource. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information and compromise its integrity and accessibility through a specially created HTML fil...

7.1CVSS7AI score0.01311EPSS
Exploits0References11Affected Software5
CNVD
CNVD
added 2018/07/11 12:0 a.m.3 views

SEL Compass Elevation of Privilege Vulnerability

SEL Compass is an application for managing and updating SEL products from Schweitzer Engineering Laboratories SEL, USA. An elevation of privilege vulnerability exists in SEL Compass 3.0.5.1 and earlier versions, which arises from the program failing to properly set access rights and can be...

8.8CVSS9.3AI score0.01641EPSS
Exploits0References1
CVE
CVE
added 2017/10/16 1:0 a.m.202 views

CVE-2017-15302

CVE-2017-15302 affects CPUID CPU-Z (Windows) up to version 1.81. The root cause is improper access rights to the kernel-mode driver (cpuz143_x64.sys) that allows an arbitrary read of any physical address via ioctl 0x9C402604 and the driver to map any physical page, returning the map page address ...

7.8CVSS7.1AI score0.00379EPSS
In wildExploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2017/10/16 12:0 a.m.87 views

CVE-2017-15302

In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver e.g., cpuz143x64.sys for version 1.43 that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604. Any application running on t...

7.8CVSS2.9AI score0.00379EPSS
In wildExploits0References2
Rows per page
Query Builder