15 matches found
Advisory ROSA-SA-2026-3308
CVE-ID: CVE-2020-24332 BDU-ID: None CVE-Crit: HIGH CVE-DESCRIPTION: The vulnerability in the tcsd daemon of the TrouSerS package relates to the possibility of attacks through symbolic links when creating the system.data file. It allows a local malicious actor tss user to create or damage arbitrar...
EUVD-2017-6758
Malware in sbrugna...
EUVD-2022-52387
Malicious code in bioql PyPI...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An improper access rights vulnerability exists in the Huawei HarmonyOS process management module, which can be exploited by an attacker to compromise...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. An improper access rights vulnerability exists in the Huawei HarmonyOS HDC module, which can be exploited by an attacker to compromise service confidentialit...
CVE-2023-38557
A vulnerability has been identified in Spectrum Power 7 All versions V23Q3. The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges...
The vulnerability of the command-line interface (CLI) of Juniper Networks’ Junos OS Evolved operating system, which allows a hacker to execute arbitrary commands.
The vulnerability of the command-line interface CLI of Juniper Networks’ Junos OS Evolved operating system is related to the improper assignment of access rights to critical resources. Exploiting this vulnerability allows an attacker to execute arbitrary commands...
CVE-2022-31465
A vulnerability has been identified in Xpedition Designer VX.2.10 All versions VX.2.10 Update 13, Xpedition Designer VX.2.11 All versions VX.2.11 Update 11, Xpedition Designer VX.2.12 All versions VX.2.12 Update 5, Xpedition Designer VX.2.13 All versions VX.2.13 Update 1. The affected application...
CVE-2021-37207
CVE-2021-37207 affects Siemens SENTRON powermanager V3 (All versions). The vulnerability arises from improper access rights on a folder containing configuration files, enabling an authenticated local attacker to inject arbitrary code and escalate privileges. Siemens released a patch for powermana...
The vulnerability of Firefox browser, related to the improper assignment of access rights for critical resources, allows attackers to gain unauthorized access to information.
The vulnerability of Firefox browsers is related to the improper assignment of access rights for critical resources. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to information...
The vulnerability of Google Chrome, related to the improper assignment of access rights for critical resources, allows a perpetrator to gain unauthorized access to protected information and compromise its integrity and accessibility.
The vulnerability of Google Chrome relates to the improper assignment of access rights for a critical resource. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information and compromise its integrity and accessibility through a specially created HTML fil...
The vulnerability of Google Chrome, related to the improper assignment of access rights for critical resources, allows a perpetrator to gain unauthorized access to protected information and compromise its integrity and accessibility.
The vulnerability of Google Chrome relates to the improper assignment of access rights for a critical resource. Exploiting this vulnerability allows an attacker to gain unauthorized access to protected information and compromise its integrity and accessibility through a specially created HTML fil...
SEL Compass Elevation of Privilege Vulnerability
SEL Compass is an application for managing and updating SEL products from Schweitzer Engineering Laboratories SEL, USA. An elevation of privilege vulnerability exists in SEL Compass 3.0.5.1 and earlier versions, which arises from the program failing to properly set access rights and can be...
CVE-2017-15302
CVE-2017-15302 affects CPUID CPU-Z (Windows) up to version 1.81. The root cause is improper access rights to the kernel-mode driver (cpuz143_x64.sys) that allows an arbitrary read of any physical address via ioctl 0x9C402604 and the driver to map any physical page, returning the map page address ...
CVE-2017-15302
In CPUID CPU-Z through 1.81, there are improper access rights to a kernel-mode driver e.g., cpuz143x64.sys for version 1.43 that can result in information disclosure or elevation of privileges, because of an arbitrary read of any physical address via ioctl 0x9C402604. Any application running on t...