CVE-2022-26235

Affects Beckman Coulter Remisol Advance v2.0.12.1 and earlier. The vulnerability stems from installation-time permissions that allow non-privileged users to overwrite or manipulate executables and libraries that run with SYSTEM privileges on Windows, enabling local privilege escalation. Documente...

CVE-2022-26236

The default privileges for the running service Normand Remisol Advance Launcher in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data...

Netmaker vulnerable to Insufficient Granularity of Access Control

Impact Improper Authorization functions leads to non-privileged users running privileged API calls. If you have added users to your Netmaker platform who whould not have admin privileges, they could use their auth token to run admin-level functions via the API. In addition, differing response cod...

GHSA-GGF6-638M-VQMG Netmaker vulnerable to Insufficient Granularity of Access Control

Impact Improper Authorization functions leads to non-privileged users running privileged API calls. If you have added users to your Netmaker platform who whould not have admin privileges, they could use their auth token to run admin-level functions via the API. In addition, differing response cod...

Amazon Linux 2022 : grub2-common, grub2-efi-aa64, grub2-efi-aa64-cdboot (ALAS2022-2022-043)

It is, therefore, affected by a vulnerability as referenced in the ALAS2022-2022-043 advisory. A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severit...

OpenEMR 安全漏洞

OpenEMR is an open source healthcare management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. versions of OpenEMR prior to 7.0.0 have an access control error...

EulerOS Virtualization 2.10.1 : grub2 (EulerOS-SA-2022-2080)

According to the versions of the grub2 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing...

Huawei EulerOS: Security Advisory for grub2 (EulerOS-SA-2022-1828)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2022-1819)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged...

EulerOS 2.0 SP10 : grub2 (EulerOS-SA-2022-1828)

According to the versions of the grub2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged...

Low: grub2

Issue Overview: A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted...

Amazon Linux 2 : grub2 (ALAS-2022-1787)

The version of grub2 installed on the remote host is prior to 2.06-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2022-1787 advisory. A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non...

CVE-2022-24308

Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process...

WordPress NS WooCommerce Watermark plugin存在未明漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress NS WooCommerce Watermark plugin has a...

WordPress plugin NS WooCommerce Watermark安全漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blog sites on PHP and MySQL servers. WordPress plugin is a WordPress open source application plugin. WordPress NS WooCommerce Watermark plugin has a...

AZL-34786 CVE-2021-3981 affecting package grub2 for versions less than 2.06-14

A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in...

CVE-2021-3981

A flaw in grub2 was found where its configuration file, known as grub.cfg, is being created with the wrong permission set allowing non privileged users to read its content. This represents a low severity confidentiality issue, as those users can eventually read any encrypted passwords present in...

Cerebrate 安全漏洞

Cerebrate is an open source platform. Designed to act as an interconnection orchestrator for trusted contact information providers and other security tools, a security vulnerability exists in Cerebrate 1.4, which stems from a faulty shared group ACL allowing non-privileged users to edit and modif...

MediaWiki has an unspecified vulnerability (CNVD-2022-03938)

MediaWiki is a free and free-to-use web-based wiki engine from the U.S. Wikimedia MediaWiki Foundation. The product can be used to deploy internal knowledge management and content management systems.A security vulnerability exists in MediaWiki, which stems from the fact that the product allows...

Octopus Server 代码问题漏洞

Octopus Server is an automated deployment platform. Octopus Server has a security vulnerability that could result in non-privileged users gaining privileged access when Octopus Server is installed using a custom folder location...