36 matches found
KLA89270 Multiple vulnerabilities in Microsoft Azure
Multiple vulnerabilities were found in Microsoft Azure. Malicious users can exploit these vulnerabilities to gain privileges. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Azure Monitor Agent can be exploited remotely to gain privileges. 2. An elevatio...
Linux Distros Unpatched Vulnerability : CVE-2016-3744
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the createpbuf function in btif/src/btifhh.c in Bluetooth in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before...
Linux Distros Unpatched Vulnerability : CVE-2016-6211
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The User module in Drupal 7.x before 7.44 allows remote authenticated users to gain privileges via vectors involving contributed or custom code that triggers a...
PT-2024-20280 · Ruijie · Ruijie Rg-Nbs2009G-P Rgos
Name of the Vulnerable Software and Affected Versions: Ruijie RG-NBS2009G-P RGOS version 10.41P2 Release 9736 Description: The issue allows a remote attacker to gain privileges via the login check state component. This is due to an Insecure Permissions vulnerability. A remote attacker can exploit...
The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.
The vulnerability of the Graphics component in Windows operating systems is related to deficiencies in authentication procedures. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
CVE-2023-42327
Cross Site Scripting XSS vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted URL to the getserviceproviders.php page...
CVE-2023-42325
Cross Site Scripting XSS vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain privileges via a crafted url to the statuslogsfilterdynamic.php page...
CVE-2023-27846
SQL injection vulnerability found in PrestaShop themevolty v.4.0.8 and before allow a remote attacker to gain privileges via the tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct, tvcmscategoryslider, tvcmspaymenticon, tvcmstestimonial...
CVE-2023-36213
SQL injection vulnerability in MotoCMS v.3.4.3 allows a remote attacker to gain privileges via the keyword parameter of the search function...
CVE-2023-36082
An isssue in GatesAIr Flexiva FM Transmitter/Exiter Fax 150W allows a remote attacker to gain privileges via the LDAP and SMTP credentials...
CVE-2023-26864
SQL injection vulnerability found in PrestaShop smplredirectionsmanager v.1.1.19 and before allow a remote attacker to gain privileges via the SmplTools::getMatchingRedirectionsFromPartscomponent...
PT-2022-18506 · Sick · Sick Sim2000St
Name of the Vulnerable Software and Affected Versions: SICK SIM2000ST versions =1.7.0 Description: A password recovery issue allows an unprivileged remote attacker to invoke the password recovery mechanism method, gaining access to the user level defined as RecoverableUserLevel. This results in...
The vulnerability of Emerson DeltaV industrial workstations, related to the use of cryptographic algorithms containing defects, allows attackers to exploit their privileges.
The vulnerability of Emerson DeltaV industrial workstations lies in the use of cryptographic algorithms that contain vulnerabilities. Exploiting this vulnerability can allow a remote attacker to gain increased privileges...
CVE-2021-40579
https://www.sourcecodester.com/ Online Enrollment Management System in PHP and PayPal Free Source Code 1.0 is affected by: Incorrect Access Control. The impact is: gain privileges remote...
CVE-2021-40579
The CVE-2021-40579 entry concerns the PayPal Free Source Code Online Enrollment Management System in PHP (version 1.0) and related components, affected by Incorrect Access Control. The underlying impact is remote privilege gain through improper privilege validation when obtaining PHP and PayPal F...
CVE-2020-18964
Cross Site Request Forgery CSRF Vulnerability in ForestBlog latest version via the website Management background, which could let a remote malicious gain privileges...
CVE-2021-29054
Certain Papoo products are affected by: Cross Site Request Forgery CSRF in the admin interface. This affects Papoo CMS Light through 21.02 and Papoo CMS Pro through 6.0.1. The impact is: gain privileges remote...
CVE-2020-18714
SQL Injection in Rockoa v1.8.7 allows remote attackers to gain privileges due to loose filtering of parameters in wordModel.php's getdata function...
CVE-2020-23448
This CVE concerns the NewBee-Mall application where all versions are affected by an incorrect access control flaw in AdminLoginInterceptor.java that allows bypassing authentication for the /admin area, enabling privilege escalation. The root cause is the bypass of the system’s authentication logi...
CVE-2020-23448
newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the system's background /admin is in code AdminLoginInterceptor, which can be bypassed...