The vulnerability of the ACL-policy search mechanism based on application prefixing by the Nomad orchestrator allows attackers to bypass existing security mechanisms.

The vulnerability of the ACL-policy-based search mechanism of the Nomad application lies in the improper assignment of access control rules. Exploiting this vulnerability allows a malicious actor to bypass existing security mechanisms by creating tasks with special prefix names...

WordPress plugin wpForo Forum 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

The vulnerability of Zoom video conferencing software, related to improper assignment of ownership rights, allows a violator to disclose protected information.

The vulnerability of Zoom video conferencing software is related to the improper assignment of ownership rights. Exploiting this vulnerability can allow a malicious actor to disclose protected information remotely...

CVE-2024-20431

A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass an access control policy. This vulnerability is due to improper assignment of geolocation data. An attacker could exploit this...

The vulnerability of the MarkStack JavaScript script handler component in the Mozilla Firefox browser allows a hacker to trigger a service failure.

The vulnerability of the MarkStack JavaScript script handler component in Mozilla Firefox relates to access to an uninitialized pointer due to incorrect use of the assignment operator. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

CVE-2024-20322

A vulnerability in the access control list ACL processing on Pseudowire interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface...

CVE-2024-20315

A vulnerability in the access control list ACL processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface contexts...

CVE-2024-20322

A vulnerability in the access control list ACL processing on Pseudowire interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface...

CVE-2024-20322

A vulnerability in the access control list ACL processing on Pseudowire interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to improper assignment of lookup keys to internal interface...

Microsoft Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

Microsoft Windows Resilient File System ReFS is a resilient file system from Microsoft Corporation USA.An elevation of privilege vulnerability exists in Microsoft Windows Resilient File System ReFS, which stems from an improper assignment of privileges in an application. An attacker could exploit...

Microsoft Windows Storage Elevation of Privilege Vulnerability

Microsoft Windows Storage is an elevation of privilege vulnerability in Microsoft Windows Storage, which results from the improper assignment of privileges to applications and can be exploited by attackers to cause an elevation of privilege...

Microsoft Windows DHCP Client 安全漏洞

Microsoft Windows is a set of operating systems for personal devices from Microsoft Corporation USA.An elevation of privilege vulnerability exists in Microsoft Windows DHCP Client, which stems from improper privilege assignment in the application and can be exploited by an attacker to cause an...