74 matches found
The vulnerability of the Hazelcast data analysis platform, related to permission processing errors, allows attackers to perform arbitrary actions.
The vulnerability of the Hazelcast data analysis platform is related to permission processing errors. Exploiting this vulnerability allows a remote attacker to perform arbitrary actions...
The vulnerability of the Shortcuts component in operating systems such as iOS, macOS, iPadOS, and watchOS allows attackers to disclose sensitive information that is protected by these systems.
The vulnerability of the Shortcuts component in iOS, macOS, iPadOS, and watchOS is related to permission handling errors. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information...
python: Path traversal on tempfile.TemporaryDirectory
A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...
python: Path traversal on tempfile.TemporaryDirectory
A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...
python: Path traversal on tempfile.TemporaryDirectory
A flaw was found in the tempfile.TemporaryDirectory class in python3/cpython3. The class may dereference symbolic links during permission-related errors, resulting in users that run privileged programs being able to modify permissions of files referenced by the symbolic link...
Important: python3.9
Issue Overview: An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.2, 3.11.8, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can r...
Multiple vulnerabilities in NEC Aterm series
Overview Aterm series provided by NEC Corporation contains multiple vulnerabilities listed below. Incorrect Permission Assignment for Critical Resource CWE-732 - CVE-2024-28005 Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-497 - CVE-2024-28006 Incorrect Permission...
AZL-35926 CVE-2023-6597 affecting package python3 for versions less than 3.12.3-1
An issue was found in the CPython tempfile.TemporaryDirectory class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereference symlinks during cleanup of permissions-related errors. This means users which can run privileged...
The vulnerability of the FactoryTalk service platform’s web interface, which allows attackers to escalate their privileges
The vulnerability of the FactoryTalk service platform’s web interface is related to errors in granting permissions during program execution. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of the AppleMobileFileIntegrity component in the Safari browser and operating systems macOS, iOS, iPadOS, allows attackers to disclose protected information.
The vulnerability of AppleMobileFileIntegrity in the Safari browser and operating systems macOS, iOS, iPadOS is related to permission handling errors. Exploiting this vulnerability can allow attackers to disclose sensitive information...
The vulnerability of the Acronis Cyber Protect Home Office backup and recovery software lies in errors related to the use of standard permissions, allowing an intruder to gain unauthorized access to protected information.
The vulnerability of the Acronis Cyber Protect Home Office backup and recovery software is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
ROS-20230905-02
Vulnerability in the ksmbd module of Linux kernel operating systems is related to synchronization errors when using a shared resource. synchronization errors when using a shared resource. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code using the...
The vulnerability of the software platform for managing operational data, related to errors in using standard permissions, allows a perpetrator to read and modify arbitrary data in various system catalogs. This vulnerability enables unauthorized access and manipulation of data within the ABB Ability zenon system.
The vulnerability of the software platform for operating data management in ABB Ability zenon relates to errors in the use of standard permissions. Exploiting this vulnerability allows attackers to read and update arbitrary data in various system catalogs...
The vulnerability of the driver for configuring WMI microprogramming systems in Lenovo laptops allows a hacker to modify security loading parameters through the NVRAM variable.
The vulnerability of the WMI driver for Lenovo notebook microprogramming systems is related to errors in the use of standard permissions. Exploiting this vulnerability allows an attacker to modify security boot parameters through the NVRAM variable...
PT-2022-2568 · Fanuc · Fanuc Roboguide
Name of the Vulnerable Software and Affected Versions: FANUC ROBOGUIDE affected versions not specified Description: The issue is related to errors in assigning permissions for files, which can allow an attacker to gain privilege escalation. It is also associated with misconfigured binaries,...
The vulnerability of the ColdFusion software platform, related to errors in the use of standard permissions, allows attackers to increase their privileges.
The vulnerability of the ColdFusion software platform is related to errors in the use of standard permissions. Exploiting this vulnerability can allow attackers to increase their privileges...
CVE-2021-32526
Incorrect permission assignment for critical resource vulnerability in QSAN Storage Manager allows authenticated remote attackers to access arbitrary password files. Suggest contacting with QSAN and refer to recommendations in QSAN Document...
The vulnerability of the PackageKit package for Mac OS operating systems allows attackers to increase their privileges.
The vulnerability of the PackageKit package for Mac OS operating systems is related to errors in the use of standard permissions. Exploiting this vulnerability can allow an attacker to increase their privileges...
The vulnerability of the Cisco Data Center Network Manager system, related to errors in permission processing, allows a intruder to gain access to protected information.
The vulnerability of the Cisco Data Center Network Manager system is related to errors in permission processing. Exploiting this vulnerability can allow an attacker to gain access to protected information...
The default installation configuration of the software for automation and process control systems, TwinCAT, makes it vulnerable to exploitation by attackers, allowing them to increase their privileges.
The vulnerability of the default installation configuration of TwinCAT software for automation and process control systems is related to errors in the use of standard permissions. Exploiting this vulnerability can allow attackers to increase their privileges...