i-Educar 安全漏洞

i-Educar is a free educational software from Portábilis Open Source. A security vulnerability exists in i-Educar version 2.9.10 and earlier, which stems from improper privilege inheritance in the user type handling component in the file app/Http/Controllers/AccessLevelController.php, which could...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a failure to properly set capabilities when automounting a new filesystem, which could lead to privilege...

IBM Security Guardium 安全漏洞

IBM Security Guardium is a suite of platforms from International Business Machines IBM that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A security vulnerability exists in IBM Security Guardium...

Intel Simics Package Manager 安全漏洞

Intel Simics Package Manager is a complete system simulation technology from Intel Corporation USA. It provides software and system developers, architects, and test engineers with the means to build and use virtual systems or create multiple virtual connected systems for a variety of purposes. A...

Intel Simics Package Manager 安全漏洞

Intel Simics Package Manager is a complete system simulation technology from Intel Corporation USA. It provides software and system developers, architects, and test engineers with the means to build and use virtual systems or create multiple virtual connected systems for a variety of purposes. A...

Intel Ethernet Network Adapter E810 Series 安全漏洞

Intel Ethernet Network Adapter E810 Series is a series of high-performance data center-class Ethernet adapters from Intel Corporation USA. A security vulnerability exists in Intel Ethernet Network Adapter E810 Series versions prior to 4.60, which stems from improper privilege inheritance and coul...

AZL-34460 CVE-2024-21892 affecting package nodejs18 for versions less than 18.20.2-1

On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

UBUNTU-CVE-2024-21892

On Linux, Node.js ignores certain environment variables if those may have been set by an unprivileged user while the process is running with elevated privileges with the only exception of CAPNETBINDSERVICE. Due to a bug in the implementation of this exception, Node.js incorrectly applies this...

Devolutions Server 安全漏洞

Devolutions Server is an application from Devolutions Canada. It provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server versions prior to 2022.2 that stems from incorrect privilege management. An attacker could exploit the...

CVE-2021-43055

The eFTL Server component of TIBCO Software Inc.'s TIBCO eFTL - Community Edition, TIBCO eFTL - Developer Edition, and TIBCO eFTL - Enterprise Edition contains an easily exploitable vulnerability that allows clients to inherit the permissions of the client that initially connected on the affected...

Tibco Eftl 信息泄露漏洞

Tibco Eftl is an add-on to Tibco Ftl and Tibco Enterprise Message Service™ from Tibco USA, Inc. Extending Tibco Ftl® messaging to platforms such as Web browsers and mobile devices, an information disclosure vulnerability exists in TIBCO eFTL, which stems from a client inheriting privileges from a...

Intel NUC 安全漏洞

The Intel NUC is a small minicomputer from Intel USA. A security vulnerability exists in Intel NUC versions prior to 1.1, which stems from an insecure inheritance of privileges in the software that could allow authenticated users to enable privilege escalation via local access...

Intel NUC Kit 权限许可和访问控制问题漏洞

The Intel NUC Kit is a small desktop computer from Intel Corporation USA. The Intel NUC Kit is vulnerable to a privilege-granting and access-control issue, which arises from an insecure inheritance of privileges that could allow an authenticated user to potentially enable privilege escalation via...