Lucene search
+L

196 matches found

CVE
CVE
added 2020/01/23 4:50 p.m.58 views

CVE-2019-5593

Fortinet FortiOS is affected by CVE-2019-5593. The flaw arises from improper permission/value checking in the CLI console, allowing a non-privileged local attacker to obtain plaintext private keys of system certificates by unsetting the encryption password for built‑in certificates (FortiOS 6.2.0...

5.5CVSS5.4AI score0.00189EPSS
Exploits0References1Affected Software1
Fortinet
Fortinet
added 2019/11/14 12:0 a.m.62 views

Protect

Improper permission or value checking in the CLI console may allow a non-privileged user to obtain plaint text private keys of system's builtin local certificates via unsetting the keys encryption password or for user uploaded local certificates via setting an empty password. Note that backed up...

2.1CVSS5.3AI score0.00189EPSS
Exploits0Affected Software2
WPVulnDB
WPVulnDB
added 2019/09/30 12:0 a.m.14 views

Theme Editor < 2.2 - Multiple Vulnerabilities

Versions 2.1 and lower of the "theme-editor" plugin are affected by multiple vulnerabilities such as CSRF, insufficient permission checking, arbitrary file upload and the ability to interact with folders/files on the server in most ways you can imagine. These vulnerabilities aside from CSRF requi...

4.9AI score
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2019/09/30 12:0 a.m.7 views

WordPress Theme Editor plugin <= 2.1 - Multiple vulnerabilities

Multiple vulnerabilities CSRF, insufficient permission checking, arbitrary file upload found by WebARX in WordPress Theme Editor plugin versions = 2.1. Solution Update the WordPress Theme Editor plugin to the latest available version at least 2.2...

3.6AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2018/03/01 12:0 a.m.69 views

Drupal 7.x < 7.57 Multiple Vulnerabilities (SA-CORE-2018-001)

According to its self-reported version, the instance of Drupal running on the remote web server is 7.x prior to 7.57. It is, therefore, affected by multiple vulnerabilities : - A flaw exists with the Drupal.checkPlain function due to improper handling of HTML injection. A remote attacker, with a...

6.1CVSS6.8AI score0.01644EPSS
Exploits0References6
Prion
Prion
added 2017/08/29 3:29 p.m.16 views

Code injection

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to write to arbitrary files within the underlying operating system and consequently cause a denial of service or gain privileges by leveraging incorrect permission checking...

9CVSS7.4AI score0.02339EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2017/08/29 3:0 p.m.17 views

CVE-2015-3653

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated administrators to write to arbitrary files within the underlying operating system and consequently cause a denial of service or gain privileges by leveraging incorrect permission checking...

7AI score0.02339EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/03/20 4:59 p.m.33 views

CVE-2017-5618

GNU screen before 4.5.1 allows local users to modify arbitrary files and consequently gain root privileges by leveraging improper checking of logfile permissions...

7.8CVSS7.2AI score0.01087EPSS
Exploits6References4
Oracle linux
Oracle linux
added 2016/08/04 12:0 a.m.75 views

Unbreakable Enterprise kernel security update

kernel-uek 4.1.12-37.6.2 - KEYS: potential uninitialized variable Dan Carpenter Orabug: 24393865 CVE-2016-4470 - ovl: fix permission checking for setattr Miklos Szeredi Orabug: 24393742 CVE-2015-8660...

7.2CVSS2.5AI score0.22374EPSS
Exploits12
Microsoft KB
Microsoft KB
added 2015/01/13 12:0 a.m.23 views

MS15-001: Vulnerability in Windows Application Compatibility cache could allow elevation of privilege: January 13, 2015

None None...

6.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Liferay Portal 6.1 - 6.0.x Privilege Escalation

No description provided by source. Liferay users can assign themselves to organizations, leading to possible privilege escalation Description: Liferay Portal is an enterprise portal written in Java Due to insufficient permission checking in the updateOrganizations method of UserService any user c...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2013/09/04 12:0 a.m.43 views

Amazon Linux AMI : mysql51 (ALAS-2012-145)

A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. CVE-2012-5611 C Tenable...

6.5CVSS7.8AI score0.24564EPSS
Exploits2References2
FreeBSD
FreeBSD
added 2013/04/24 12:0 a.m.32 views

Joomla! -- XXS and DDoS vulnerabilities

The JSST and the Joomla! Security Center report: 20130405 - Core - XSS Vulnerability Inadequate filtering leads to XSS vulnerability in Voting plugin. 20130403 - Core - XSS Vulnerability Inadequate filtering allows possibility of XSS exploit in some circumstances. 20130402 - Core - Information...

5.5CVSS5.8AI score0.04848EPSS
Exploits6References1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2013/03/29 12:0 a.m.85 views

[20130402] - Core - Information Disclosure

Inadequate permission checking allows unauthorised user to see permission settings in some circumstances...

4CVSS5.9AI score0.01412EPSS
Exploits0Affected Software1
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2013/03/29 12:0 a.m.124 views

[20130401] - Core - Privilege Escalation

Inadequate permission checking allows unauthorised user to delete private messages...

4CVSS6AI score0.01583EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2012/12/09 12:0 a.m.35 views

Scientific Linux Security Update : mysql on SL6.x i386/x86_64 (20121207)

A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. CVE-2012-5611 After installi...

6.5CVSS7.7AI score0.24564EPSS
Exploits2References2
Amazon
Amazon
added 2012/12/06 12:0 a.m.42 views

Important: mysql51

Issue Overview: A stack-based buffer overflow flaw was found in the user permission checking code in MySQL. An authenticated database user could use this flaw to crash the mysqld daemon or, potentially, execute arbitrary code with the privileges of the user running the mysqld daemon. CVE-2012-561...

6.5CVSS8.8AI score0.24564EPSS
Exploits2References1
securityvulns
securityvulns
added 2012/06/03 12:0 a.m.60 views

Liferay users can assign themselves to organizations, leading to possible privilege escalation

Liferay users can assign themselves to organizations, leading to possible privilege escalation Description: Liferay Portal is an enterprise portal written in Java Due to insufficient permission checking in the updateOrganizations method of UserService any user can assign hem or her self to any...

1.6AI score
Exploits0
Packet Storm
Packet Storm
added 2012/05/14 12:0 a.m.42 views

Liferay Portal Privilege Escalation

Liferay users can assign themselves to organizations, leading to possible privilege escalation Description: Liferay Portal is an enterprise portal written in Java Due to insufficient permission checking in the updateOrganizations method of UserService any user can assign hem or her self to any...

0.5AI score
Exploits0
exploitpack
exploitpack
added 2012/05/13 12:0 a.m.15 views

Liferay Portal 6.0.x 6.1 - Privilege Escalation

Liferay Portal 6.0.x 6.1 - Privilege Escalation Liferay users can assign themselves to organizations, leading to possible privilege escalation Description: Liferay Portal is an enterprise portal written in Java Due to insufficient permission checking in the updateOrganizations method of UserServi...

0.5AI score
Exploits0
Rows per page
Query Builder