2 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the HTTP Basic authentication. An attacker can perform unauthorized write actions, such as modifying user profiles, adding email addresses, creating repositories, and deleting repositories, by submitting an...
CVE-2004-1190
SUSE Linux before 9.1 and SUSE Linux Enterprise Server before 9 do not properly check commands sent to CD devices that have been opened read-only, which could allow local users to conduct unauthorized write activities to modify the firmware of associated SCSI devices...