8 matches found
CVE-2024-0068
CVE-2024-0068 concerns an improper Link Resolution Before File Access (Link Following) vulnerability in HYPR Workforce Access on macOS, affecting versions prior to 8.7.1. The core issue is incorrect resolution of file access links, which can enable file manipulation. Public sources consistently i...
CVE-2022-1984
HYPR CVE-2022-1984 affects HYPR Windows WFA versions prior to 7.2. It is described as an Unsafe Deserialization vulnerability in HYPR Workforce Access (WFA) that may allow locally authenticated attackers to elevate privileges via a malicious serialized payload. The underlying issue is insecure de...
CVE-2022-3258
The CVE-2022-3258 issue affects HYPR Workforce Access on Windows, described as an Incorrect Permission Assignment for Critical Resource vulnerability that enables Authentication Abuse. Root cause is misassignment of permissions on critical resources, allowing unauthorized authentication-related a...
CVE-2023-6336
CVE-2023-6336 affects HYPR Workforce Access on macOS. The vulnerability is an improper Link Resolution Before File Access ("Link Following"), allowing a user-controlled filename to influence file access. Public sources consistently describe the issue as affecting HYPR Workforce Access prior to ve...
CVE-2023-0834
The CVE-2023-0834 entry concerns HYPR Workforce Access on macOS with an Incorrect Permission Assignment for a Critical Resource, enabling Privilege Escalation. Affected versions are HYPR Workforce Access 6.12 through prior to 8.1. The issue stems from misassigned permissions on a critical resourc...
CVE-2023-5097
CVE-2023-5097 affects HYPR Workforce Access on Windows, exploiting improper input validation that enables path traversal. The issue is tied to HYPR Workforce Access versions prior to 8.7. NVD lists base scores of 5.5 (LOCAL, LOW user interaction, High confidentiality impact) and a separate CNA sc...
CVE-2023-6334
HYPR Workforce Access for Windows is affected by CVE-2023-6334 due to an improper restriction of operations within a memory buffer, leading to a buffer overflow. Affected product: HYPR Workforce Access (Windows); vulnerable component/condition: operations within a memory buffer not properly restr...
CVE-2023-6335
The CVE-2023-6335 issue is an Improper Link Resolution Before File Access ("Link Following") vulnerability in HYPR Workforce Access on Windows, affecting versions before 8.7. The root cause is a misresolution of file access links that allows a user-controlled filename, potentially enabling unauth...