Lucene search
K

74 matches found

BDU FSTEC
BDU FSTEC
added 2024/06/14 12:0 a.m.8 views

The vulnerability of the Hazelcast data analysis platform, related to permission processing errors, allows attackers to perform arbitrary actions.

The vulnerability of the Hazelcast data analysis platform is related to permission processing errors. Exploiting this vulnerability allows a remote attacker to perform arbitrary actions...

6.8CVSS6.7AI score0.00528EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/06/03 12:0 a.m.5 views

The vulnerability of the Shortcuts component in operating systems such as iOS, macOS, iPadOS, and watchOS allows attackers to disclose sensitive information that is protected by these systems.

The vulnerability of the Shortcuts component in iOS, macOS, iPadOS, and watchOS is related to permission handling errors. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information...

7.8CVSS7.4AI score0.01789EPSS
Exploits0References7Affected Software4
RedHat Linux
RedHat Linux
added 2024/05/29 1:31 p.m.5 views

python: Path traversal on tempfile.TemporaryDirectory

A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...

7.8CVSS6.7AI score0.00313EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/05/28 1:12 p.m.4 views

python: Path traversal on tempfile.TemporaryDirectory

A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...

7.8CVSS6.7AI score0.00313EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2024/05/23 4:30 p.m.4 views

python: Path traversal on tempfile.TemporaryDirectory

A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...

7.8CVSS6.7AI score0.00313EPSS
Exploits0References4
Amazon
Amazon
added 2024/05/13 12:0 a.m.3 views

Important: python3.9

Issue Overview: An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can r...

7.8CVSS6.8AI score0.00313EPSS
Exploits0
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2024/04/05 5:53 a.m.4 views

Multiple vulnerabilities in NEC Aterm series

Overview Aterm series provided by NEC Corporation contains multiple vulnerabilities listed below. Incorrect Permission Assignment for Critical Resource CWE-732 - CVE-2024-28005 Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-497 - CVE-2024-28006 Incorrect Permission...

9.8CVSS8AI score0.00743EPSS
Exploits0References20
OSV
OSV
added 2024/03/19 4:15 p.m.7 views

AZL-35926 CVE-2023-6597 affecting package python3 for versions less than 3.12.3-1

An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...

7.8CVSS6.7AI score0.00313EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/02/26 12:0 a.m.5 views

The vulnerability of the FactoryTalk service platform’s web interface, which allows attackers to escalate their privileges

The vulnerability of the FactoryTalk service platform’s web interface is related to errors in granting permissions during program execution. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS8AI score0.0099EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/01/25 12:0 a.m.6 views

The vulnerability of the AppleMobileFileIntegrity component in the Safari browser and operating systems macOS, iOS, iPadOS, allows attackers to disclose protected information.

The vulnerability of AppleMobileFileIntegrity in the Safari browser and operating systems macOS, iOS, iPadOS is related to permission handling errors. Exploiting this vulnerability can allow attackers to disclose sensitive information...

5.5CVSS5.8AI score0.00201EPSS
Exploits0References4Affected Software4
BDU FSTEC
BDU FSTEC
added 2023/10/10 12:0 a.m.5 views

The vulnerability of the Acronis Cyber Protect Home Office backup and recovery software lies in errors related to the use of standard permissions, allowing an intruder to gain unauthorized access to protected information.

The vulnerability of the Acronis Cyber Protect Home Office backup and recovery software is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

9.4CVSS5.9AI score0.00317EPSS
Exploits0References3Affected Software1
Redos
Redos
added 2023/09/05 12:0 a.m.20 views

ROS-20230905-02

Vulnerability in the ksmbd module of Linux kernel operating systems is related to synchronization errors when using a shared resource. synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code using the...

9.8CVSS9AI score0.0406EPSS
Exploits3
BDU FSTEC
BDU FSTEC
added 2023/08/03 12:0 a.m.6 views

The vulnerability of the software platform for managing operational data, related to errors in using standard permissions, allows a perpetrator to read and modify arbitrary data in various system catalogs. This vulnerability enables unauthorized access and manipulation of data within the ABB Ability zenon system.

The vulnerability of the software platform for operating data management in ABB Ability zenon relates to errors in the use of standard permissions. Exploiting this vulnerability allows attackers to read and update arbitrary data in various system catalogs...

6.3CVSS6AI score0.00253EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.7 views

The vulnerability of the driver for configuring WMI microprogramming systems in Lenovo laptops allows a hacker to modify security loading parameters through the NVRAM variable.

The vulnerability of the WMI driver for Lenovo notebook microprogramming systems is related to errors in the use of standard permissions. Exploiting this vulnerability allows an attacker to modify security boot parameters through the NVRAM variable...

6.8CVSS6.9AI score0.00257EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/04/20 12:0 a.m.6 views

PT-2022-2568 · Fanuc · Fanuc Roboguide

Name of the Vulnerable Software and Affected Versions: FANUC ROBOGUIDE affected versions not specified Description: The issue is related to errors in assigning permissions for files, which can allow an attacker to gain privilege escalation. It is also associated with misconfigured binaries,...

6.6CVSS5.7AI score0.00159EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2021/07/27 12:0 a.m.6 views

The vulnerability of the ColdFusion software platform, related to errors in the use of standard permissions, allows attackers to increase their privileges.

The vulnerability of the ColdFusion software platform is related to errors in the use of standard permissions. Exploiting this vulnerability can allow attackers to increase their privileges...

9.8CVSS7.7AI score0.04014EPSS
Exploits0References2
OSV
OSV
added 2021/07/07 2:15 p.m.4 views

CVE-2021-32526

Incorrect permission assignment for critical resource vulnerability in QSAN Storage Manager allows authenticated remote attackers to access arbitrary password files. Suggest contacting with QSAN and refer to recommendations in QSAN Document...

6.5CVSS5.9AI score0.00943EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2021/06/15 12:0 a.m.5 views

The vulnerability of the PackageKit package for Mac OS operating systems allows attackers to increase their privileges.

The vulnerability of the PackageKit package for Mac OS operating systems is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to increase their privileges...

7.8CVSS7.2AI score0.01063EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2020/12/28 12:0 a.m.6 views

The vulnerability of the Cisco Data Center Network Manager system, related to errors in permission processing, allows a intruder to gain access to protected information.

The vulnerability of the Cisco Data Center Network Manager system is related to errors in permission processing. Exploiting this vulnerability can allow an attacker to gain access to protected information...

5.5CVSS5.9AI score0.00287EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/12/03 12:0 a.m.5 views

The default installation configuration of the software for automation and process control systems, TwinCAT, makes it vulnerable to exploitation by attackers, allowing them to increase their privileges.

The vulnerability of the default installation configuration of TwinCAT software for automation and process control systems is related to errors in the use of standard permissions. Exploiting this vulnerability can allow attackers to increase their privileges...

7.3CVSS7.2AI score0.00839EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder