The vulnerability of the apr.h component in the APR library allows a hacker to gain access to confidential data.

The vulnerability of the apr.h component in the APR library is related to the improper assignment of permissions for the critical resource. Exploiting this vulnerability may allow an attacker to access confidential data...

Vulnerability of the Server component: The Optimizer component of the MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the MySQL Server component of the database management system involves the improper assignment of permissions to a critical resource. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

pulpcore: RBAC permissions incorrectly assigned in tasks that create objects

A flaw was found in the Pulp package. When a role-based access control RBAC object in Pulp is set to assign permissions on its creation, it uses the AutoAddObjPermsMixin typically the addrolesforobjectcreator method. This method finds the object creator by checking the current authenticated user...

CVE-2024-7143 Pulpcore: rbac permissions incorrectly assigned in tasks that create objects

A flaw was found in the Pulp package. When a role-based access control RBAC object in Pulp is set to assign permissions on its creation, it uses the AutoAddObjPermsMixin typically the addrolesforobjectcreator method. This method finds the object creator by checking the current authenticated user...

PT-2024-3070

Name of the Vulnerable Software and Affected Versions Check Point ZoneAlarm Extreme Security NextGen affected versions not specified Check Point Identity Agent for Windows affected versions not specified Check Point Identity Agent for Windows Terminal Server affected versions not specified...

HYPR 安全漏洞

HYPR is a security application that implements password-less security from HYPR, Inc. A security vulnerability exists in HYPR Workforce Access that stems from a misassignment of permissions on its critical resources can lead to authentication abuse...

MediaTek 多款产品安全漏洞

MediaTek Mt Series is a series of smartphone chips from China's MediaTek Corporation MediaTek. A security vulnerability exists in several MediaTek products, which stems from an incorrect assignment of permissions in the ims service, which may result in unexpected application behavior. The followi...

QSAN Storage Manager 授权问题漏洞

QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. An authorization issue vulnerability exists in QSAN Storage Manager prior to version 3.3.1 build 202101041800, which stems from the product misassigning permissions on critical resource management and can...

The vulnerability of the Files.createTempDir() implementation in the Java libraries of Google Guava allows a malicious actor to gain unauthorized access to protected information.

The vulnerability of the Files.createTempDir function implementation in the Java libraries of Google Guava is related to the incorrect assignment of permissions for the temporary file directory. Exploiting this vulnerability may allow an attacker to gain unauthorized access to protected informati...

The vulnerability of the debian/sympa.postinst component of the Sympa mailing list manager allows a perpetrator to compromise the integrity of data by improperly assigning permissions for critical resources.

The vulnerability of the debian/sympa.postinst component of the Sympa mailing list manager is related to the assignment of an incorrect permission value. Exploiting this vulnerability could allow a malicious actor to compromise the integrity of data...

The vulnerability of the account management utility for the Shadow operating system in Astra Linux, which allows a hacker to trigger a service failure

The vulnerability of the account management utility for the Shadow operating system Astra Linux relates to the incorrect assignment of the permission level during user creation. Exploiting this vulnerability allows an attacker with privileged user rights to block access for newly created users...