156 matches found
Siemens RUGGEDCOM Security Vulnerability
Siemens RuggedCom ROS is an operating system from Siemens, Germany, used in the RuggedCom series of switches. An incorrect privilege assignment vulnerability exists in Siemens RUGGEDCOM ROS, which can be exploited by an attacker to create a remote shell for an affected system...
Siemens SINEMA Remote Connect Server Security Vulnerability
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. Siemens SINEMA Remote Connect Server suffers from an incorrect assignment of critical resource...
PT-2024-5003 · Dell · Dell PowerScale OneFS
Name of the Vulnerable Software and Affected Versions: Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 Description: The issue is related to an incorrect privilege assignment, which could be exploited by a high-privileged attacker with local access. This could lead to denial of service and...
esMind MosP Security Vulnerability
esMind MosP is an open source attendance management system from esMind. A security vulnerability exists in esMind MosP kintai kanri 4.6.6 and prior versions, which stems from incorrect privilege assignments and could allow an unauthenticated, remote attacker with privileged access to the product ...
SUSE CVE-2024-1936
The encrypted subject of an email message could be incorrectly and permanently assigned to an arbitrary other email message in Thunderbird's local cache. Consequently, when replying to the contaminated email message, the user might accidentally leak the confidential subject to a third-party. Whil...
PT-2024-3070
Name of the Vulnerable Software and Affected Versions: Check Point ZoneAlarm Extreme Security NextGen (affected versions not specified); Check Point Identity Agent for Windows (affected versions not specified); Check Point Identity Agent for Windows Terminal Server (affected versions not specified)...
Siemens Spectrum Power Security Vulnerability
Spectrum Power 7 provides the essential components of SCADA, communications and data modeling for control and monitoring systems. Application suites can be added to optimize network and generation management in all areas of energy management. Siemens Spectrum Power 7 suffers from a misassigned...
CVE-2023-51433
Some Honor products are affected by an incorrect privilege assignment vulnerability; successful exploitation could cause information leak...
CVE-2023-23438
Some Honor products are affected by an incorrect privilege assignment vulnerability; successful exploitation could cause device service exceptions...
CVE-2023-23429
Some Honor products are affected by an incorrect privilege assignment vulnerability; successful exploitation could cause device service exceptions...
Honor LGE-AN00 Security Vulnerability
Honor LGE-AN00 is a smartphone from China-based Honor. The Honor LGE-AN00 suffers from a security vulnerability that stems from a misassignment of privileges, which can be successfully exploited to cause device service abnormality...
PT-2023-18936
Name of the Vulnerable Software and Affected Versions: Honor products (affected versions not specified) Description: The issue is related to incorrect privilege assignment, which could lead to device service exceptions if successfully exploited. Recommendations: At the moment, there is no information...
CVE-2023-41806 Misassignment of privileges can cause DoS attack
Improper Privilege Management vulnerability in Pandora FMS on all allows Privilege Escalation. With this vulnerability, a bad privilege assignment could cause a DoS attack that affects the availability of the Pandora FMS server. This issue affects Pandora FMS: from 700 through 773...
The vulnerability of the Cisco Application Policy Infrastructure Controller, related to the improper assignment of permissions to critical resources, allows a perpetrator to read, modify, or delete access policies for arbitrary users.
The vulnerability of the Cisco Application Policy Infrastructure Controller in the information infrastructure management system is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability allows a malicious actor to remotely read, modify, or delete...
IBM Robotic Process Automation Security Vulnerability
IBM Robotic Process Automation is a robotic process automation product from International Business Machines (IBM). It helps you automate more business and IT processes at scale with the ease and speed of traditional RPA. A security vulnerability exists in IBM Robotic Process Automation versions...
The vulnerability of the SCADA system SIMATIC WinCC, related to the incorrect assignment of permissions for critical resources, allows an intruder to execute arbitrary code or increase their privileges.
The vulnerability of the SCADA system SIMATIC WinCC is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow an intruder to execute arbitrary code or increase their privileges...
Cilium Authorization Issue Vulnerability
Cilium is an open source software. It is used to provide and transparently secure network connectivity and load balancing between application workloads, such as application containers or processes. An authorization issue vulnerability exists in Cilium version 1.11.14 and earlier, 1.12.7 and...
The vulnerability of the APC Easy UPS Online Monitoring Software lies in the improper assignment of permissions for critical resources, allowing attackers to increase their privileges.
The vulnerability of the APC Easy UPS Online Monitoring Software relates to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow attackers to elevate their privileges...
The vulnerability of the PowerScale OneFS operating system, related to a user being assigned to an inappropriate group, allows attackers to escalate their privileges and expose sensitive information.
The vulnerability of the PowerScale OneFS operating system is related to the user being assigned to an inappropriate group. Exploiting this vulnerability allows a malicious actor to increase their privileges and expose sensitive information...
PYSEC-2023-53
vantage6 is a privacy preserving federated learning infrastructure for secure insight exchange. Assigning existing users to a different organization is currently possible. It may lead to unintended access: if a user from organization A is accidentally assigned to organization B, they will retain...