7 matches found
EUVD-2022-36916
Malicious code in bioql PyPI...
CVE-2022-33877
An incorrect default permission CWE-276 vulnerability in FortiClient Windows versions 7.0.0 through 7.0.6 and 6.4.0 through 6.4.8 and FortiConverter Windows versions 6.2.0 through 6.2.1, 7.0.0 and all versions of 6.0.0 may allow a local authenticated attacker to tamper with files in the...
CVE-2022-26839
CVE-2022-26839 affects Delta Electronics DIAEnergie (all versions before 1.8.02.004). The flaw is an incorrect default permission in the DIAEnergie application that may allow an attacker to plant new files (e.g., DLLs) or replace existing executables. ICS advisory Update C notes fixes in version ...
CVE-2021-40415
An incorrect default permission vulnerability exists in the cgiserver.cgi cgi_check_ability functionality of Reolink RLC-410W v3.0.0.136_20121102. In cgi_check_ability the Format API does not have a specific case, so the user permission will default to 7. This will give non-administrative users the...
CVE-2021-40415
CVE-2021-40415 concerns the Reolink RLC-410W (v3.0.0.136_20121102). The issue resides in the cgiserver.cgi function cgi_check_ability: several APIs (including most sensitive ones) have no explicit case, causing a default permission value of 7 to be applied. This allows a non-administrative (authe...
CVE-2021-40414
The CVE-2021-40414 issue affects Reolink RLC-410W (v3.0.0.136_20121102) where the cgiserver.cgi cgi_check_ability function lacks specific cases for certain API commands. As a result, a non-administrative user permission value of 7 can grant access to a broad set of APIs (e.g., SetMdAlarm, Upgrade...
Joomla Com_Ajax Component Jsnextfw Plugin Jform_Article Incorrect Default Permission Vulnerability
Exploit for php platform in category web applications Exploit Title : Joomla Com_Ajax Component Jsnextfw Plugin Jform_Article Incorrect Default Permission Vulnerability Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 24/10/2018 Vendor Homepage : joomla.org Tested On...