15 matches found
EUVD-2016-2263
Malware in sbrugna...
EUVD-2021-23372
Malware in sbrugna...
CVE-2021-36795
A permission issue in the Cohesity Linux agent may allow privilege escalation in version 6.5.1b to 6.5.1d-hotfix10, 6.6.0a to 6.6.0b-hotfix1. An underprivileged Linux user, if certain environment criteria are met, can gain additional privileges...
CVE-2016-1159
In ZOHO Password Manager Pro PMP 8.3.0 Build 8303 and 8.4.0 Build 8400, 8401, 8402, underprivileged users can obtain sensitive information entry password history via a vulnerable hidden service...
MongoDB 6.0.x < 6.0.13 / 7.0.x < 7.0.11 / 7.3.x < 7.3.3 (SERVER-93516)
The version of MongoDB installed on the remote host is prior to 6.0.13, 7.0.11, or 7.3.3. It is, therefore, affected by a vulnerability as referenced in the SERVER-93516 advisory. - Hot backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup...
CVE-2024-6384
"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. This issue affects MongoDB Enterprise Server v6.0 versions prior to 6.0.16, MongoDB Enterprise Server v7.0 versions prior to 7.0.11 and MongoDB Enterprise Server v7.3 versio...
CVE-2024-6384
CVE-2024-6384 affects MongoDB Enterprise Server: hot backup files can be downloaded by underprivileged users who obtain a unique backup identifier. Impact is stated for MongoDB Enterprise Server v6.0 before 6.0.16, v7.0 before 7.0.11, and v7.3 before 7.3.3. The entry lists a base score of 5.3 (ME...
CVE-2024-6384 Backup files may be downloaded by underprivileged users in MongoDB Enterprise Server
"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. This issue affects MongoDB Enterprise Server v6.0 versions prior to 6.0.16, MongoDB Enterprise Server v7.0 versions prior to 7.0.11 and MongoDB Enterprise Server v7.3 versio...
CVE-2024-6384 Backup files may be downloaded by underprivileged users in MongoDB Enterprise Server
"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. This issue affects MongoDB Enterprise Server v6.0 versions prior to 6.0.16, MongoDB Enterprise Server v7.0 versions prior to 7.0.11 and MongoDB Enterprise Server v7.3 versio...
Backup files may be downloaded by underprivileged users in MongoDB Enterprise Server
"Hot" backup files may be downloaded by underprivileged users, if they are capable of acquiring a unique backup identifier. This issue affects MongoDB Enterprise Server v6.0 versions prior to 6.0.16, MongoDB Enterprise Server v7.0 versions prior to 7.0.11 and MongoDB Enterprise Server v7.3 versio...
Gallagher Command Centre security breach
Gallagher Command Centre is a centralized control tool for Gallagher access control systems from Gallagher New Zealand. A security vulnerability exists in Gallagher Command Centre vEL prior to 8.70.1787 MR2, EL prior to 8.60.2039 MR4, and 8.50 and earlier, which stems from a response discrepancy ...
Deserialization of untrusted data
Version 3.3.23 of the Sassy Social Share WordPress plugin is vulnerable to PHP Object Injection via the wp_ajax_heateor_sss_import_config AJAX action due to deserialization of unvalidated user-supplied inputs via the import_config function found in the /admin/class-sassy-social-share-admin.php file. Th...
CVE-2021-36795
A permission issue in the Cohesity Linux agent may allow privilege escalation in version 6.5.1b to 6.5.1d-hotfix10, 6.6.0a to 6.6.0b-hotfix1. An underprivileged Linux user, if certain environment criteria are met, can gain additional privileges...
CVE-2016-1159
In ZOHO Password Manager Pro PMP 8.3.0 Build 8303 and 8.4.0 Build 8400, 8401, 8402, underprivileged users can obtain sensitive information entry password history via a vulnerable hidden service...
SA-CONTRIB-2011-012 - Spaces - Access bypass
The Spaces module makes sitewide configuration options available to be overridden by individual "spaces" on a Drupal site. Spaces provides a Views module access plugin that does not properly check its permission setting which may allow underprivileged users to visit certain pages. This...