Lucene search
+L

95 matches found

OSV
OSV
added 2023/10/16 10:15 p.m.5 views

UBUNTU-CVE-2023-45807

OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. There is an issue with the implementation of tenant permissions in OpenSearch Dashboards where authenticated users with read-only access to a tenant can perform create, edit...

5.4CVSS5.8AI score0.0041EPSS
Exploits0References3
OSV
OSV
added 2023/06/28 3:15 p.m.4 views

CVE-2023-20136

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...

6.5CVSS5.9AI score0.00517EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2023/06/07 11:0 p.m.3 views

CVE-2023-20136

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote attacker with the privileges of a read-only user to execute operations that should require Administrator privileges. The attacker would need valid user credentials. This vulnerability is due to improper...

6.5CVSS6.7AI score0.00517EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2023/05/11 12:15 p.m.17 views

CVE-2023-31445

Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users...

5.3CVSS5.3AI score0.01155EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2023/05/11 12:15 p.m.4 views

CVE-2023-31445

Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users...

5.3CVSS6.1AI score0.01155EPSS
Exploits1References5
CNNVD
CNNVD
added 2022/02/25 12:0 a.m.5 views

JetBrains YouTrack 安全漏洞

JetBrains YouTrack is a browser-based bug tracking and project management software from JetBrains Czech Republic. The software features error tracking, creating workflows and monitoring project progress.An elevation of privilege vulnerability exists in versions prior to JetBrains YouTrack...

4.3CVSS5.6AI score0.00631EPSS
Exploits0References2
Citrix
Citrix
added 2021/04/30 12:0 a.m.5 views

How to create read-only users on xenserver

Create read-only users on xenserver...

7.1AI score
Exploits0
OSV
OSV
added 2019/12/19 7:15 p.m.4 views

CVE-2019-18181

In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only...

7.8CVSS7.1AI score0.0034EPSS
Exploits0References1
Citrix
Citrix
added 2019/04/09 12:0 a.m.12 views

How To Configure RADIUS and TACACS servers for read-only and admin users in SD-WAN

...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2019/01/07 12:0 a.m.5 views

PT-2019-4929 · Ceph +3 · Ceph +3

Name of the Vulnerable Software and Affected Versions: Ceph versions prior to 13.2.4 Description: The issue is related to an authorization procedure error in the Ceph storage system. This error can be exploited by a remote attacker to gain unauthorized access to dm-crypt encryption keys used in...

8.1CVSS7.2AI score0.03249EPSS
Exploits1References78
NVD
NVD
added 2014/11/13 9:32 p.m.21 views

CVE-2014-7823

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIRDOMAINXMLMIGRATABLE flag, which triggers the use of the VIRDOMAINXMLSECURE flag...

5CVSS8AI score0.01905EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2014/11/05 12:0 a.m.28 views

CVE-2014-7823

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIRDOMAINXMLMIGRATABLE flag, which triggers the use of the VIRDOMAINXMLSECURE flag...

5CVSS6.8AI score0.01905EPSS
Exploits0References3
NVD
NVD
added 2007/05/18 10:30 p.m.15 views

CVE-2007-2760

The canUpdate function in model/MRole.java in Adempiere before 3.1.6 does not properly validate user roles, which allows remote authenticated read-only users to gain read-write privileges. NOTE: some of these details are obtained from third party information...

9CVSS6.5AI score0.01734EPSS
Exploits0References4
Prion
Prion
added 2007/05/18 10:30 p.m.14 views

Information disclosure

The canUpdate function in model/MRole.java in Adempiere before 3.1.6 does not properly validate user roles, which allows remote authenticated read-only users to gain read-write privileges. NOTE: some of these details are obtained from third party information...

9CVSS7AI score0.01734EPSS
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2006/01/19 12:0 a.m.34 views

[VulnWatch] Cisco Security Advisory: Cisco Call Manager Privilege Escalation

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Call Manager Privilege Escalation Advisory ID: cisco-sa-20060118-ccmpe http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmpe.shtml Revision 1.0 ============ For Public Release 2006 January 18 1600 UTC GMT -...

0.5AI score
Exploits0
Rows per page
Query Builder