1779 matches found
CVE-2022-30121
The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system...
Information disclosure
The “LANDesk(R) Management Agent” service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system...
CVE-2022-30121
CVE-2022-30121 affects Ivanti/LANDesk Management Agent. The vulnerability arises because the LANDesk Management Agent service exposes a socket that, once connected, allows execution of commands only for signed executables, enabling a limited user to escalate to admin privileges on the host. Docum...
Normal user can set himself or any other user to admin role
Description: Improper access to an API endpoint AddUserToRole can allow a regular user to escalate his privileges to be an admin. Infected code: AuthorizeRoles = Roles.User HttpPost public async Task AddUserToRoleFromQuery string username, string role var results = await...
gottable.in Cross Site Scripting vulnerability OBB-2936751
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...
CVE-2022-39145
CVE-2022-39145 affects Siemens Parasolid (V33.1, V34.0, V34.1, V35.0) and Simcenter Femap (V2022.1, V2022.2). The vulnerability is an out-of-bounds read when parsing X_T files, enabling potential code execution in the compromised process. Affected ranges include Parasolid V33.1 prior to 263, V34....
CVE-2022-36109
Moby is an open-source project created by Docker to enable software containerization. A bug was found in Moby (Docker Engine) where supplementary groups are not set up properly. If an attacker has direct access to a container and manipulates their supplementary group access, they may be able to use...
CVE-2022-38790
Summary: CVE-2022-38790 affects Weave GitOps Enterprise before 0.9.0-rc.5 with a cross-site scripting (XSS) vulnerability in the UI. An attacker can inject a javascript: link into the UI, which, when clicked by a victim, executes with the victim’s permissions. The exposure is surfaced in the Git...
User Enumeration via Response Timing
Description: There is a significant timing difference in the login functionality for valid and invalid usernames. Proof of Concept: 1. Attempt a login with a valid user and an invalid user and observe the difference in the response time. Here is a small test script; alternatively we can see the...
NULL Pointer Dereference in vim/vim
...
SUSE: Security Advisory (SUSE-SU-2022:2875-1)
The remote host is missing an update for the...
Persistent Cross Site Scripting - LayoutEditor Module - Settings
Description: The application uses Purifier to avoid Cross Site Scripting attacks. However, in the LayoutEditor module from Settings, the type of the fieldModel-label parameter is "Text" but it is not validated and it's used directly without any encoding or validation in LayoutEditor/EditField.tpl. It...
CVE-2022-35449
OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0466...
CVE-2022-2390
CVE-2022-2390 affects the Google Play Services SDK. The issue stems from the mutability flag on PendingIntents passed to the Notification service, present in SDKs prior to version 18.0.2. This misconfiguration can allow an attacker to access all non-exported providers and/or other providers for w...
CVE-2021-0734
CVE-2021-0734 describes a side-channel information disclosure in Android Settings that can reveal whether an app is installed without query permissions, enabling local information disclosure on Android 13. The issue affects the Settings component and does not require user interaction, with a loca...
GitLab: Stored-XSS with CSP-bypass via labels' color
Stored-XSS with CSP-bypass was discovered in GitLab that allowed attackers to execute arbitrary actions on behalf of victims at the client side. This was possible due to the import of unsanitized label colors from GitHub, which led to the execution of malicious JavaScript code...
Insufficient Session Expiration
Insufficient Session Expiration in GitHub repository cockpit-hq/cockpit prior to 2.2.0...