Lucene search
K

12 matches found

Tenable Nessus
Tenable Nessus
added 2024/01/11 12:0 a.m.26 views

Fortinet FortiProxy Privilage Escalation (FG-IR-23-315)

The version of FortiProxy installed on the remote host is prior to tested version. It is, therefore, affected by an improper privilege management vulnerability CWE-269 in a FortiOS & FortiProxy HA cluster may allow an authenticated attacker to perform elevated actions via crafted HTTP or HTTPS...

8.8CVSS7.8AI score0.00899EPSS
Exploits0References2
Veracode
Veracode
added 2023/10/08 11:51 p.m.18 views

Privilage Escalation

gitlab is vulnerable to Privilage Escalation. The vulnerability allows an attacker to take over GitLab Pages with unique domain URLs if they know the added random string...

9.8CVSS6.6AI score0.00605EPSS
Exploits0References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2022/10/10 12:0 a.m.32 views

EulerOS Virtualization 3.0.6.0 : util-linux (EulerOS-SA-2022-2593)

According to the versions of the util-linux packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an...

5.5CVSS5.8AI score0.0043EPSS
Exploits0References2
Huntr
Huntr
added 2022/08/23 12:2 p.m.21 views

Privilage escalation allows user with read access only to edit admin portal and take actions

Overview of the Vulnerability Authentication and session management controls can be bypassed in a variety of ways including, calling an internal post-authentication page, modifying the given URL parameters, by manipulating the form, or by counterfeiting sessions. The authentication method for thi...

6.5CVSS1.4AI score0.00437EPSS
Exploits1References2
OSV
OSV
added 2021/03/29 8:43 p.m.23 views

GHSA-H77R-RP97-7RV4 Privilage Escalation in moodle

In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3.7 to 3.7.8, 3.5 to 3.5.14 and earlier unsupported versions. This is fixed in moodle 3.9.3,...

7.5CVSS7AI score0.01588EPSS
Exploits0References7
OSV
OSV
added 2021/03/29 8:42 p.m.25 views

GHSA-C9HQ-G4Q8-W893 Privilage Escalation in moodle

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

5.3CVSS5.2AI score0.01368EPSS
Exploits0References6
Github Security Blog
Github Security Blog
added 2021/03/29 8:42 p.m.38 views

Privilage Escalation in moodle

If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. This could lead to unintended users gaining access to the course. Versions affected: 3.9 to 3.9.2, 3.8 to 3.8.5, 3....

5.3CVSS5.8AI score0.01368EPSS
Exploits0References7Affected Software1
ThreatPost
ThreatPost
added 2020/09/11 7:18 p.m.25 views

It's No 'Giggle': Managing Expectations for Vulnerability Disclosure

Sometimes vulnerability disclosure goes well — and sometimes it doesn’t. Security researchers still face legal action for “hacking” when reporting the bugs they find — as is the case with a flaw recently reported to the Giggle social network. However — while the vendor-researcher relationship is...

7AI score
Exploits0References24
IBM Security Bulletins
IBM Security Bulletins
added 2019/09/11 3:45 p.m.98 views

Security Bulletin: Linux Kernel vulnerabilities affect IBM Spectrum Protect Plus CVE-2019-10140, CVE-2019-11477, CVE-2019-11478, CVE-2019-11479, CVE-2019-13233, CVE-2019-13272, CVE-2019-14283, CVE-2019-14284, CVE-2019-15090, CVE-2019-15807, CVE-2019-15925

Summary Multiple vulnerabilities in the Linux Kernel such as denial of service, elevation of privileges, execution of arbitrary code on the system, and the ability to obtain sensitive information affect IBM Spectrum Protect Plus. UPDATED: 11 September 2019 to add CVE-2019-15925 Vulnerability...

7.8CVSS1AI score0.98745EPSS
Exploits26Affected Software1
Hacker One
Hacker One
added 2018/05/28 4:58 p.m.26 views

Node.js third-party modules: Privilage escalation with malicious .npmrc

Hello. I'm forwarding to you my conversation with npm staff regarding security issue. It allows to escalate to root privilages of victim using either: a basic social engineering - convincing victim to run npm in attacker-controlled folder eg. repository, including such innocent ones like "npm hel...

0.1AI score
Exploits0
Patchstack
Patchstack
added 2015/03/04 12:0 a.m.8 views

WordPress Ya'aburnee Theme <= 1.0.7 - Privilage Escalation

Because of this vulnerability, the attackers can have an admin account or takeover the site. Solution Update the theme...

4.7AI score
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2015/03/04 12:0 a.m.8 views

Dignitas 1.1.9 - Privilage Escalation

Vulnerability allows an attacker to escalate privileges on the site and have an admin account which may lead to a full site takeover...

4.3AI score
Exploits0References2Affected Software1
Rows per page
Query Builder