Lucene search
K

9 matches found

Vulnrichment
Vulnrichment
added 2026/04/16 2:0 a.m.5 views

CVE-2026-1880

An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows t...

5.4CVSS6AI score0.00139EPSS
Exploits1References1
OSV
OSV
added 2024/11/17 12:0 a.m.6 views

CVE-2024-52872

In Flagsmith before 2.134.1, the getdocument endpoint is not correctly protected by permissions...

7.5CVSS6.9AI score0.00396EPSS
Exploits0References4
Veracode
Veracode
added 2024/10/14 10:58 a.m.7 views

Improper Privilege Management

Mattermost is vulnerable to an Improper Privilege Management. The vulnerability is due to improper permission protection, allowing authenticated users with a restricted custom admin role to bypass restrictions and view server logs and the server config.json file...

4.3CVSS6.5AI score0.00625EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/10/11 8:15 p.m.6 views

CVE-2022-20432

There is an missing authorization issue in the system service. Since the component does not have permission check and permission protection,, resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242221899...

7.8CVSS5.8AI score0.00154EPSS
Exploits0References2
CVE
CVE
added 2022/10/11 12:0 a.m.114 views

CVE-2022-20435

CVE-2022-20435 is an Android vulnerability described as an unauthorized service in the system service that, due to missing permission checks, can lead to local elevation of privilege and potentially a system reboot. Connected OSV entries (ASB-A-242248367 and ASB-A-242248369) corroborate an unauth...

7.8CVSS7.4AI score0.00154EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/04/14 12:0 a.m.50 views

GHSA-QGGC-PJ29-J27M Improper Privilege Management in Mattermost

One of the API in Mattermost version 6.4.1 and earlier fails to properly protect the permissions, which allows the authenticated members with restricted custom admin role to bypass the restrictions and view the server logs and server config.json file contents. Per the Mattermost security updates...

4.3CVSS4.4AI score0.00625EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/12/01 12:0 a.m.6 views

The vulnerability of the software for updating Intel Driver & Support Assistant, related to insufficient protection of permissions, allows a hacker to trigger a service failure.

The vulnerability of the Intel Driver & Support Assistant software for updating drivers is related to insufficient protection of permissions. Exploiting this vulnerability can allow a hacker to cause service failures...

5.3CVSS5.9AI score0.00244EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/11/13 8:29 p.m.18 views

Information disclosure

The broadcast messages received by SAP Fiori Client are not protected by permissions. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version...

6.8CVSS7.5AI score0.00746EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/11/13 8:29 p.m.4 views

CVE-2018-2490

The broadcast messages received by SAP Fiori Client are not protected by permissions. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version...

7.8CVSS5.8AI score0.00746EPSS
Exploits0References2
Rows per page
Query Builder