Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:27 p.m.6 views

CVE-2022-23497

FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords brypt with cost 9, salted of FreshRSS Web interface. If the API is used, the configuration might contain a...

7.5CVSS7.2AI score0.00838EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/30 12:0 a.m.3 views

Bosch Rexroth ctrlX OS 安全漏洞

Bosch Rexroth ctrlX OS is a Linux-based real-time operating system from Bosch Rexroth, an open control platform designed for industrial automation equipment. A security vulnerability exists in Bosch Rexroth ctrlX OS that stems from improper handling of user configuration files, which could lead t...

6.5CVSS6.4AI score0.00239EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/12/09 10:16 p.m.8 views

CVE-2022-23497 Insecure file access in FreshRSS

FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords brypt with cost 9, salted of FreshRSS Web interface. If the API is used, the configuration might contain a...

6.5CVSS7.7AI score0.00838EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/12/09 10:16 p.m.22 views

CVE-2022-23497 Insecure file access in FreshRSS

FreshRSS is a free, self-hostable RSS aggregator. User configuration files can be accessed by a remote user. In addition to user preferences, such configurations contain hashed passwords brypt with cost 9, salted of FreshRSS Web interface. If the API is used, the configuration might contain a...

6.5CVSS7.8AI score0.00838EPSS
Exploits0References3
CNNVD
CNNVD
added 2022/08/10 12:0 a.m.5 views

Zimbra 安全漏洞

Zimbra is an open source email collaboration platform from Zimbra, Inc. in the United States. Zimbra suffers from a security vulnerability that stems from its sudo configuration that allows a user to execute zmslapd binaries as the root user with arbitrary parameters. As part of its intended...

7.8CVSS8.4AI score0.01683EPSS
Exploits4References5
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.30 views

Digital Unix 4.0 MSGCHK MH_PROFILE Symbolic Link Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/3320/info The msgchk utility under certain versions of Digital Unix contains an information disclosure vulnerability which could yield root privilege. Because msgchk fails to check file permissions before opening user...

7.1AI score
Exploits0
OSV
OSV
added 2005/02/14 12:0 a.m.17 views

DSA-681-1 synaesthesia - privilege escalation

Bulletin has no description...

7.2CVSS6.2AI score0.00369EPSS
Exploits0
Exploit DB
Exploit DB
added 2001/09/10 12:0 a.m.25 views

Digital Unix 4.0 - MSGCHK MH_PROFILE Symbolic Link

source: https://www.securityfocus.com/bid/3320/info The msgchk utility under certain versions of Digital Unix contains an information disclosure vulnerability which could yield root privilege. Because msgchk fails to check file permissions before opening user configuration files in the user's hom...

7.4AI score
Exploits0
Rows per page
Query Builder