Formatting String Error Vulnerability in Multiple Fortinet Products (CNVD-2024-13095)

Fortinet FortiOS is a Fortinet security operating system dedicated to the FortiGate network security platform. Fortinet FortiProxy is a secure network proxy that protects employees from network attacks by combining a variety of detection technologies such as Web filtering, DNS filtering, DLP,...

Microsoft Windows Local Security Authority Subsystem Service 权限许可和访问控制问题漏洞

The Microsoft Windows Local Security Authority Subsystem Service is an internal Microsoft program that runs Windows system security policies. It authenticates users when they log on to a computer standalone or server, manages user password changes, and generates access characters. It also leaves...

GitLab 资源管理错误漏洞

GitLab is an open source, end-to-end software development platform from GitLab, Inc. with built-in version control, issue tracking, code review, CI/CD Continuous Integration and Continuous Delivery and other features. GitLab There is a resource management error vulnerability, the vulnerability...

Microsoft Windows 权限许可和访问控制问题漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from Microsoft Corporation USA. A vulnerability exists in Microsoft Windows DirectX with privilege license and access control issues. The following products and editions are affected: Windows 10 Version 2004 for...

Microsoft Win32k 权限许可和访问控制问题漏洞

Microsoft Win32k is a system file for Windows multi-user administration by Microsoft Corporation USA. A vulnerability exists in Microsoft Windows Win32K with privilege license and access control issues. The following products and editions are affected: Windows Server 2008 for 32-bit Systems Servi...

Istio 权限许可和访问控制问题漏洞

Istio is a set of open platforms for connecting, managing, and securing microservices. Istio is vulnerable to a privilege permission and access control issue that arises from an application that does not properly impose security restrictions. This vulnerability could allow an attacker to access...

ABB System 800xA for DCI Privilege Permission and Access Control Issues Vulnerability

ABB System 800xA for DCI is a distributed control system for DCI from ABB Switzerland. A privilege permission and access control issue vulnerability exists in ABB System 800xA for DCI all versions, which can be exploited by a local attacker to inject data, read or write to the controller or cause...

Cisco Integrated Management Controller Supervisor, Cisco UCS Director and Cisco UCS Director Express for Big Data Privilege Permission and Access Control Issues Vulnerabilities

Cisco Integrated Management Controller IMC is a set of software from the American company Cisco Cisco for the management of UCS Unified Computing System. The software supports HTTP, SSH access, etc., and can perform operations such as powering on, powering off and rebooting the server. A privileg...

Mozilla Firefox Privilege Access Control Issue Vulnerability

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox prior to version 68. A remote attacker could exploit the vulnerability to bypass security restrictions...

IBM DB2 Privilege Permission and Access Control Issues Vulnerability

IBM DB2 is a set of relational database management system from IBM in the United States. The main execution environments for this system are UNIX, Linux, IBMi, z/OS, and Windows server versions. A vulnerability exists in IBM DB2 for privilege license and access control issues. Detailed...

Cybozu Garoon Privilege Access Control Issue Vulnerability (CNVD-2019-12703)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A vulnerability exists in the privilege access control issue in Cybozu Garoon versions 4.0.0 through 4.10.1. The...

Cybozu Garoon Privilege Access Control Issue Vulnerability (CNVD-2019-12697)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A vulnerability exists in Cybozu Garoon versions 4.0.0 to 4.10.1 due to privilege permission and access control...

Cybozu Garoon Privilege Access Control Issue Vulnerability (CNVD-2019-12705)

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A vulnerability exists in privilege permission and access control issues in Cybozu Garoon versions 4.0.0 through...

WPA Privilege Access Control Issue Vulnerability

WPA is a set of Wi-Fi access protection schemes from the Wi-Fi Alliance USA, including security protocols and security authentication procedures. There is a security vulnerability in the implementation of WPA. An attacker can exploit the vulnerability to authenticate and gain access to the networ...

Android Permission License and Access Control Vulnerability (CNVD-2019-09144)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A privilege permission and access control vulnerability exists in System in Android, which arises from a lack of effective privilege permission and access control measures in a networked system o...

Google Kubernetes Privilege Access Control Vulnerability

Google Kubernetes is an open source Docker container cluster management system from Google, Inc. The system provides resource scheduling, deployment and operation, service discovery and scaling up and down for containerized applications. A privilege access control vulnerability exists in Google...

Microsoft Exchange Server Privilege Access Control Vulnerability

Microsoft Exchange Server is a set of e-mail service programs from Microsoft, which provides e-mail access, storage, forwarding, voice mail, e-mail filtering and screening. A privilege access control vulnerability exists in Microsoft Exchange Server. An attacker can exploit this vulnerability by...

Ansible Tower Privilege Access Control Vulnerability

Ansible is a computer system configuration manager from Ansible, Inc. that can be used to publish, manage, and orchestrate computer systems.Ansible Tower a.k.a. Ansible UI is one of the task control applications that provides a user interface UI, dashboard, and REST API. A privilege access contro...

Multiple Trend Micro Products Privilege Access Control Vulnerabilities

Trend Micro Premium Security and others are cross-platform antivirus products from Trend Micro that feature anti-ransomware, anti-malware email and system optimization. A privilege access control vulnerability exists in the handling of IDAMSPMASTER requests in multiple Trend Micro products, which...

Multiple Trend Micro Product Privilege Access Control Vulnerabilities (CNVD-2018-17417)

Trend Micro Premium Security and others are cross-platform antivirus products from Trend Micro that feature anti-ransomware, anti-malware email and system optimization. A privilege access control vulnerability exists in coreServiceShell.exe in multiple Trend Micro products, which originates when...