15 matches found
EUVD-2020-28108
Malware in sbrugna...
EUVD-2005-2373
Malware in sbrugna...
EUVD-2022-37360
Malicious code in bioql PyPI...
CVE-2022-26323
OpenText OpenText Operations Bridge Manager, Operations Bridge Suite (Containerized), and OpenText UCMDB (Classic and Containerized) are affected by CVE-2022-26323. The issue is described as Incorrect Use of Privileged APIs that could allow authenticated attackers to escalate privileges. Affected...
Schneider Electric Accutech Manager Buffer Overflow Vulnerability (CNVD-2023-85391)
Schneider Electric Accutech Manager is an easy-to-use interface from Schneider Electric, France, that provides field device and basic radio performance data. A buffer overflow vulnerability exists in Schneider Electric Accutech Manager version 2.7 and prior versions, which stems from an unchecked...
RXSA-2023:1566 Important: kernel security, bug fix, and enhancement update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: stack overflow in doprocdointvec and procskipspaces CVE-2022-4378 ALSA: pcm: Move rwsem lock inside sndctlelemread to prevent UAF CVE-2023-0266 kernel: FUSE filesystem low-privileged user...
Important: kernel security and bug fix update
The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: kernel: FUSE filesystem low-privileged user privileges escalation CVE-2023-0386 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related...
Cross site request forgery (csrf)
A cross-site request forgery CSRF in MipCMS v5.0.1 allows attackers to arbitrarily escalate user privileges to administrator via index.php?s=/user/ApiAdminUser/itemEdit...
CVE-2019-15953
An issue was discovered in Total.js CMS 12.0.0. An authenticated user with limited privileges can get access to a resource that they do not own by calling the associated API. The product correctly manages privileges only for the front-end resource path, not for API requests. This leads to vertica...
Rockwell Automation RSLinx Classic <= 3.90.01 and FactoryTalk Linx Gateway <= 3.90.00 user privileges escalation
Binary data 720162.prm...
CVE-2018-10619
An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation...
CVE-2017-17103
Fiyo CMS 2.0.7 has SQL injection in /apps/appuser/sysuser.php via $POSTname or $POSTemail. This vulnerability can lead to escalation from normal user privileges to administrator privileges...
MGASA-2017-0178 Updated firefox packages fix security vulnerabilities
Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox CVE-2017-5470, CVE-2017-5472, CVE-2017-7749, CVE-2017-7751,...
CMSPro! 2.08 Cross Site Request Forgery
CMSPro! 2.08 CSRF Vulnerability Title : CMSPro! 2.08 Cross Site Request Forgery CSRF Vulnerability Software : CMSPro! Version : 2.08 Site : http://www.wojoscripts.com/cmspro/ or http://codecanyon.net/item/cms-pro-lightweight-content-management-system/140078 Author : Xadpritox Email :...
Solaris 2.67.0 - DTMail Mail Environment Variable Buffer Overflow
Solaris 2.67.0 - DTMail Mail Environment Variable Buffer Overflow // source: https://www.securityfocus.com/bid/3081/info dtmail is an application included with the Common Desktop Environment, one of the X Window Managers included with Solaris. A buffer overflow in dtmail makes it possible for a...