Lucene search
+L

53 matches found

UbuntuCve
UbuntuCve
added 2024/02/28 3:15 p.m.40 views

CVE-2023-6917

A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges...

6.7CVSS6.4AI score0.002EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/02/28 2:39 p.m.34 views

CVE-2023-6917

A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges...

6CVSS7.1AI score0.002EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/02/28 2:38 p.m.62 views

CVE-2023-6917

A vulnerability has been identified in the Performance Co-Pilot PCP package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operate within the confines of limited PCP user/group privileges, others are granted full root privileges...

6.7CVSS6.2AI score0.002EPSS
Exploits0
NVD
NVD
added 2023/04/18 12:15 p.m.66 views

CVE-2021-41613

An issue was discovered in the controller unit of the OpenRISC mor1kx processor. The write logic of Exception Effective Address Register EEAR is not implemented correctly. User programs from authorized privilege levels will be unable to write to EEAR...

4.3CVSS4.7AI score0.00407EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.5 views

PT-2023-12379 · Unknown · Openrisc Mor1Kx Processor

Name of the Vulnerable Software and Affected Versions: OpenRISC mor1kx processor affected versions not specified Description: An issue was discovered in the controller unit of the OpenRISC mor1kx processor, where the read/write access permissions to the Exception Program Counter Register EPCR are...

7.8CVSS6.9AI score0.00162EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2023/02/21 6:55 p.m.51 views

K24465120: iControl REST vulnerability CVE-2017-6167

Security Advisory Description Race conditions in iControl REST may lead to commands executed with different privilege levels than expected. CVE-2017-6167 Impact Sending asynchronous tasks using the iControl REST API may be processed as the wrong user and result in an error. Security Advisory Stat...

8.5CVSS7.6AI score0.01062EPSS
Exploits0Affected Software11
SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.6 views

SUSE CVE-2010-0306

The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing SMP, does not use the Current Privilege Level CPL and I/O Privilege Level IOPL to restrict instruction execution, which allows guest OS users to cause a denial of service guest OS crash or gain privileges on the...

4.1CVSS7AI score0.00382EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2022/06/15 5:55 p.m.14 views

CVE-2022-20819 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly...

6.5CVSS6.4AI score0.00922EPSS
Exploits0References1
Cisco
Cisco
added 2022/06/15 4:0 p.m.41 views

Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly...

6.5CVSS6.3AI score0.00922EPSS
Exploits0References1
Prion
Prion
added 2022/02/10 6:15 p.m.13 views

Input validation

A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper enforcement of Administrator privilege levels for low-value sensitive dat...

4CVSS6.5AI score0.01084EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/02/10 5:6 p.m.14 views

CVE-2022-20680 Cisco Prime Service Catalog Information Disclosure Vulnerability

A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to access sensitive information on an affected device. This vulnerability is due to improper enforcement of Administrator privilege levels for low-value sensitive dat...

4.3CVSS6.7AI score0.01084EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2021/10/08 12:0 a.m.20 views

Cisco Identity Services Engine Sensitive Information Disclosure (cisco-sa-ise-info-disc-pNXtLhdp)

According to its self-reported version, Cisco Identity Services Engine Software is affected by a sensitive information disclosure vulnerability in the web-based management interface due improper enforcement of administrator privilege levels for low-value sensitive data. An authenticated, remote...

4.3CVSS5.3AI score0.00845EPSS
Exploits0References3
CVE
CVE
added 2021/10/06 7:46 p.m.51 views

CVE-2021-34702

CVE-2021-34702 affects Cisco Identity Services Engine (ISE) via the web-based management interface. The issue is an improper enforcement of administrator privilege levels for low-value sensitive data, allowing an authenticated, read-only administrator to browse to pages containing sensitive data ...

4.3CVSS4.5AI score0.00845EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2021/09/09 12:0 a.m.16 views

WordPress 跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site scripting vulnerability exists in WordPress versions prior to 5.8 that allows...

7.6CVSS6AI score0.01615EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2021/02/19 12:0 a.m.32 views

Cisco Identity Services Engine Sensitive Information Disclosure (cisco-sa-ise-info-exp-8RsuEu8S)

According to its self-reported version, Cisco Identity Services Engine Software is affected by multiple information disclosure vulnerabilities in its admin portal component due to improper enforcement of administrator privilege levels for sensitive data. An authenticated, remote attacker can...

6.5CVSS5.7AI score0.00971EPSS
Exploits0References8
NVD
NVD
added 2021/02/17 5:15 p.m.20 views

CVE-2021-1416

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only...

6.5CVSS0.00888EPSS
Exploits0References1
Prion
Prion
added 2021/02/17 5:15 p.m.16 views

Information disclosure

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only...

4CVSS4.7AI score0.00888EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2021/02/17 4:55 p.m.9 views

CVE-2021-1416 Cisco Identity Services Engine Sensitive Information Disclosure Vulnerabilities

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only...

6.5CVSS6.6AI score0.00888EPSS
Exploits0References1
Symantec
Symantec
added 2019/11/22 12:0 a.m.33 views

Multiple Pivotal RabbitMQ Products CVE-2019-11291 Cross Site Scripting Vulnerability

Description Multiple Pivotal RabbitMQ products are prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected...

0.6AI score0.00796EPSS
Exploits0References1Affected Software2
NVD
NVD
added 2018/12/12 7:29 p.m.15 views

CVE-2018-15718

Open Dental before version 18.4 transmits the entire user database over the network when a remote unauthenticated user accesses the command prompt. This allows the attacker to gain access to usernames, password hashes, privilege levels, and more...

7.5CVSS8AI score0.01429EPSS
Exploits0References1
Rows per page
Query Builder