Search
Total
331 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-13677 | 1 Google | 1 Chrome | 2019-12-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in site isolation in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to bypass site isolation via a crafted HTML page. | |||||
| CVE-2019-18450 | 1 Gitlab | 1 Gitlab | 2019-11-27 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in GitLab Community and Enterprise Edition before 12.4 in the Project labels feature. It has Insecure Permissions. | |||||
| CVE-2019-18452 | 1 Gitlab | 1 Gitlab | 2019-11-27 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in GitLab Community and Enterprise Edition 11.3 through 12.4 when moving an issue to a public project from a private one. It has Insecure Permissions. | |||||
| CVE-2019-18453 | 1 Gitlab | 1 Gitlab | 2019-11-27 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in GitLab Community and Enterprise Edition 11.6 through 12.4 in the add comments via email feature. It has Insecure Permissions. | |||||
| CVE-2019-18447 | 1 Gitlab | 1 Gitlab | 2019-11-27 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in GitLab Community and Enterprise Edition before 12.4. It has Insecure Permissions. | |||||
| CVE-2019-18446 | 1 Gitlab | 1 Gitlab | 2019-11-27 | 5.5 MEDIUM | 4.3 MEDIUM |
| An issue was discovered in GitLab Community and Enterprise Edition 8.15 through 12.4. It has Insecure Permissions (issue 1 of 2). | |||||
| CVE-2015-9456 | 1 Orbisius | 1 Child Theme Creator | 2019-10-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=save_file theme_1, theme_1_file, or theme_1_file_contents parameter. | |||||
| CVE-2018-1370 | 1 Ibm | 1 Security Guardium Big Data Intelligence | 2019-10-09 | 6.5 MEDIUM | 5.4 MEDIUM |
| IBM Security Guardium Big Data Intelligence (SonarG) 3.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 137769. | |||||
| CVE-2018-1724 | 1 Ibm | 1 Spectrum Lsf | 2019-10-09 | 4.6 MEDIUM | 5.3 MEDIUM |
| IBM Spectrum LSF 9.1.1 9.1.2, 9.1.3, and 10.1 could allow a local user to change their job user at job submission time due to improper file permission settings. IBM X-Force ID: 147439. | |||||
| CVE-2018-1113 | 2 Fedoraproject, Redhat | 6 Fedora, Enterprise Linux, Enterprise Linux Desktop and 3 more | 2019-10-09 | 4.6 MEDIUM | 5.3 MEDIUM |
| setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pam_shells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstances, users which had their shell changed to /sbin/nologin could still access the system. | |||||
| CVE-2018-1420 | 1 Ibm | 1 Websphere Portal | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950. | |||||
| CVE-2018-14825 | 2 Google, Honeywell | 15 Android, Ck75, Cn51 and 12 more | 2019-10-09 | 6.8 MEDIUM | 5.8 MEDIUM |
| On Honeywell Mobile Computers (CT60 running Android OS 7.1, CN80 running Android OS 7.1, CT40 running Android OS 7.1, CK75 running Android OS 6.0, CN75 running Android OS 6.0, CN75e running Android OS 6.0, CT50 running Android OS 6.0, D75e running Android OS 6.0, CT50 running Android OS 4.4, D75e running Android OS 4.4, CN51 running Android OS 6.0, EDA50k running Android 4.4, EDA50 running Android OS 7.1, EDA50k running Android OS 7.1, EDA70 running Android OS 7.1, EDA60k running Android OS 7.1, and EDA51 running Android OS 8.1), a skilled attacker with advanced knowledge of the target system could exploit this vulnerability by creating an application that would successfully bind to the service and gain elevated system privileges. This could enable the attacker to obtain access to keystrokes, passwords, personal identifiable information, photos, emails, or business-critical documents. | |||||
| CVE-2018-12467 | 1 Opensuse | 1 Open Build Service | 2019-10-09 | 5.5 MEDIUM | 6.5 MEDIUM |
| Authorized users of the openbuildservice before 2.9.4 could delete packages by using a malicious request against projects having the OBS:InitializeDevelPackage attribute, a similar issue to CVE-2018-7689. | |||||
| CVE-2018-12466 | 1 Opensuse | 1 Open Build Service | 2019-10-09 | 5.5 MEDIUM | 6.5 MEDIUM |
| openSUSE openbuildservice before 9.2.4 allowed authenticated users to delete packages on specific projects with project links. | |||||
| CVE-2018-0352 | 1 Cisco | 1 Wide Area Application Services | 2019-10-09 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges (level 15) to log in to the device. The vulnerability is due to insufficient validation of script files executed in the context of the Disk Check Tool. An attacker could exploit this vulnerability by replacing one script file with a malicious script file while the affected tool is running. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. Cisco Bug IDs: CSCvi72673. | |||||
| CVE-2018-0392 | 1 Cisco | 6 Mobility Services Engine 3310, Mobility Services Engine 3310 Firmware, Mobility Services Engine 3355 and 3 more | 2019-10-09 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions (i.e., World-Readable). An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow the attacker to access potentially sensitive files that are owned by a different user. Cisco Bug IDs: CSCvh18087. | |||||
| CVE-2018-0088 | 1 Cisco | 3 Ie-4010-16s12p, Ie-4010-4s24p, Industrial Ethernet 4010 Series Firmware | 2019-10-09 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an authenticated, local attacker to impact the stability of the device. This could result in arbitrary code execution or a denial of service (DoS) condition. The attacker has to have valid user credentials at privilege level 15. The vulnerability is due to a diagnostic test CLI command that allows the attacker to write to the device memory. An attacker could exploit this vulnerability by authenticating to the targeted device and issuing a specific diagnostic test command at the CLI. An exploit could allow the attacker to overwrite system memory locations, which could have a negative impact on the stability of the device. Cisco Bug IDs: CSCvf71150. | |||||
| CVE-2017-9268 | 1 Opensuse | 1 Open Build Service | 2019-10-09 | 4.0 MEDIUM | 6.5 MEDIUM |
| In the open build service before 201707022 the wipetrigger and rebuild actions checked the wrong project for permissions, allowing authenticated users to cause operations on projects where they did not have permissions leading to denial of service (resource consumption). | |||||
| CVE-2017-7560 | 1 Redhat | 1 Rhnsd | 2019-10-09 | 4.9 MEDIUM | 5.5 MEDIUM |
| It was found that rhnsd PID files are created as world-writable that allows local attackers to fill the disks or to kill selected processes. | |||||
| CVE-2017-2612 | 1 Jenkins | 1 Jenkins | 2019-10-09 | 5.5 MEDIUM | 5.4 MEDIUM |
| In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK. | |||||
| CVE-2017-1624 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2019-10-09 | 5.5 MEDIUM | 5.4 MEDIUM |
| IBM QRadar 7.3 and 7.3.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 133122. | |||||
| CVE-2017-0884 | 1 Nextcloud | 1 Nextcloud | 2019-10-09 | 4.0 MEDIUM | 4.3 MEDIUM |
| Nextcloud Server before 9.0.55 and 10.0.2 suffers from a creation of folders in read-only folders despite lacking permissions issue. Due to a logical error in the file caching layer an authenticated adversary is able to create empty folders inside a shared folder. Note that this only affects folders and files that the adversary has at least read-only permissions for. | |||||
| CVE-2017-0883 | 1 Nextcloud | 1 Nextcloud Server | 2019-10-09 | 5.5 MEDIUM | 6.4 MEDIUM |
| Nextcloud Server before 9.0.55 and 10.0.2 suffers from a permission increase on re-sharing via OCS API issue. A permission related issue within the OCS sharing API allowed an authenticated adversary to reshare shared files with an increasing permission set. This may allow an attacker to edit files in a share despite having only a 'read' permission set. Note that this only affects folders and files that the adversary has at least read-only permissions for. | |||||
| CVE-2018-1000547 | 1 Corebos | 1 Corebos | 2019-10-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| coreBOS version 7.0 and earlier contains a Incorrect Access Control vulnerability in Module: Contacts that can result in The error allows you to access records that you have no permissions to. . | |||||
| CVE-2017-9079 | 2 Debian, Dropbear Ssh Project | 2 Debian Linux, Dropbear Ssh | 2019-10-04 | 4.7 MEDIUM | 4.7 MEDIUM |
| Dropbear before 2017.75 might allow local users to read certain files as root, if the file has the authorized_keys file format with a command= option. This occurs because ~/.ssh/authorized_keys is read with root privileges and symlinks are followed. | |||||
| CVE-2018-12223 | 1 Intel | 1 Graphics Driver | 2019-10-03 | 4.6 MEDIUM | 6.3 MEDIUM |
| Insufficient access control in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to escape from a virtual machine guest-to-host via local access. | |||||
| CVE-2018-12200 | 1 Intel | 1 Capability Licensing Service | 2019-10-03 | 4.6 MEDIUM | 6.7 MEDIUM |
| Insufficient access control in Intel(R) Capability Licensing Service before version 1.50.638.1 may allow an unprivileged user to potentially escalate privileges via local access. | |||||
| CVE-2018-1203 | 1 Dell | 1 Emc Isilon Onefs | 2019-10-03 | 7.2 HIGH | 6.7 MEDIUM |
| In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges. In versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, the tcpdump binary, being run with sudo, may potentially be used by compadmin to execute arbitrary code with root privileges. | |||||
| CVE-2018-11951 | 1 Qualcomm | 4 Sd 845, Sd 845 Firmware, Sd 850 and 1 more | 2019-10-03 | 4.9 MEDIUM | 5.5 MEDIUM |
| Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850. | |||||
| CVE-2018-18349 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension. | |||||
| CVE-2018-10520 | 1 Cmsmadesimple | 1 Cms Made Simple | 2019-10-03 | 8.5 HIGH | 6.5 MEDIUM |
| In CMS Made Simple (CMSMS) through 2.2.7, the "module remove" operation in the admin dashboard contains an arbitrary file deletion vulnerability that can cause DoS, exploitable by an admin user, because the attacker can remove all lib/ files in all directories. | |||||
| CVE-2018-10518 | 1 Cmsmadesimple | 1 Cms Made Simple | 2019-10-03 | 8.5 HIGH | 6.5 MEDIUM |
| In CMS Made Simple (CMSMS) through 2.2.7, the "file delete" operation in the admin dashboard contains an arbitrary file deletion vulnerability that can cause DoS, exploitable by an admin user, because the attacker can remove all lib/ files in all directories. | |||||
| CVE-2018-1000510 | 1 Silkypress | 1 Image Zoom | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| WP Image Zoom version 1.23 contains a Incorrect Access Control vulnerability in AJAX settings that can result in allows anybody to cause denial of service. This attack appear to be exploitable via Can be triggered intentionally (or unintentionally via CSRF) by any logged in user. This vulnerability appears to have been fixed in 1.24. | |||||
| CVE-2018-1000080 | 1 Ajenti | 1 Ajenti | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| Ajenti version version 2 contains a Insecure Permissions vulnerability in Plugins download that can result in The download of any plugins as being a normal user. This attack appear to be exploitable via By knowing how the requisition is made, and sending it as a normal user, the server, in response, downloads the plugin. | |||||
| CVE-2018-7169 | 1 Shadow Project | 1 Shadow | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used "group blacklisting" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation. | |||||
| CVE-2018-18352 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2019-10-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page. | |||||
| CVE-2017-9792 | 1 Apache | 1 Impala | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Apache Impala (incubating) before 2.10.0, a malicious user with "ALTER" permissions on an Impala table can access any other Kudu table data by altering the table properties to make it "external" and then changing the underlying table mapping to point to other Kudu tables. This violates and works around the authorization requirement that creating a Kudu external table via Impala requires an "ALL" privilege at the server scope. This privilege requirement for "CREATE" commands is enforced to precisely avoid this scenario where a malicious user can change the underlying Kudu table mapping. The fix is to enforce the same privilege requirement for "ALTER" commands that would make existing non-external Kudu tables external. | |||||
| CVE-2017-9494 | 1 Motorola | 2 Mx011anm, Mx011anm Firmware | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Comcast firmware on Motorola MX011ANM (firmware version MX011AN_2.9p6s1_PROD_sey) devices allows remote attackers to enable a Remote Web Inspector that is accessible from the public Internet. | |||||
| CVE-2017-8391 | 3 Ca, Linux, Microsoft | 3 Client Automation, Linux Kernel, Windows | 2019-10-03 | 2.1 LOW | 5.5 MEDIUM |
| The OS Installation Management component in CA Client Automation r12.9, r14.0, and r14.0 SP1 places an encrypted password into a readable local file during operating system installation, which allows local users to obtain sensitive information by reading this file after operating system installation. | |||||
| CVE-2017-8158 | 1 Huawei | 1 Fusioncompute | 2019-10-03 | 4.9 MEDIUM | 6.5 MEDIUM |
| FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the host machine. An authenticated attacker could create a large number of virtual machine (VM) processes to exhaust system resources. Successful exploit could make new VMs unavailable. | |||||
| CVE-2017-7849 | 1 Tenable | 1 Nessus | 2019-10-03 | 2.1 LOW | 5.5 MEDIUM |
| Nessus 6.10.x before 6.10.5 was found to be vulnerable to a local denial of service condition due to insecure permissions when running in Agent Mode. | |||||
| CVE-2017-7307 | 1 Riverbed | 1 Rios | 2019-10-03 | 7.2 HIGH | 6.8 MEDIUM |
| Riverbed RiOS before 9.0.1 does not properly restrict shell access in single-user mode, which makes it easier for physically proximate attackers to obtain root privileges and access decrypted data by replacing the /opt/tms/bin/cli file. | |||||
| CVE-2017-7146 | 1 Apple | 1 Iphone Os | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11 is affected. The issue involves the "Security" component. It allows attackers to track users across installs via a crafted app that leverages Keychain data mishandling. | |||||
| CVE-2017-6928 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2019-10-03 | 3.5 LOW | 5.3 MEDIUM |
| Drupal core 7.x versions before 7.57 when using Drupal's private file system, Drupal will check to make sure a user has access to a file before allowing the user to view or download it. This check fails under certain conditions in which one module is trying to grant access to the file and another is trying to deny it, leading to an access bypass vulnerability. This vulnerability is mitigated by the fact that it only occurs for unusual site configurations. | |||||
| CVE-2017-6338 | 1 Trendmicro | 1 Interscan Web Security Virtual Appliance | 2019-10-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| Multiple Access Control issues in Trend Micro InterScan Web Security Virtual Appliance (IWSVA) 6.5 before CP 1746 allow an authenticated, remote user with low privileges like 'Reports Only' or 'Auditor' to change FTP Access Control Settings, create or modify reports, or upload an HTTPS Decryption Certificate and Private Key. | |||||
| CVE-2017-5426 | 2 Linux, Mozilla | 3 Linux Kernel, Firefox, Thunderbird | 2019-10-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| On Linux, if the secure computing mode BPF (seccomp-bpf) filter is running when the Gecko Media Plugin sandbox is started, the sandbox fails to be applied and items that would run within the sandbox are run protected only by the running filter which is typically weak compared to the sandbox. Note: this issue only affects Linux. Other operating systems are not affected. This vulnerability affects Firefox < 52 and Thunderbird < 52. | |||||
| CVE-2017-2115 | 1 Cybozu | 1 Office | 2019-10-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| Cybozu Office 10.0.0 to 10.5.0 allows remote authenticated attackers to bypass access restriction to obtain "customapp" information via unspecified vectors. | |||||
| CVE-2018-19072 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2019-10-03 | 3.6 LOW | 5.5 MEDIUM |
| An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file (within that directory) to control what is extracted to RAM at boot time. | |||||
| CVE-2018-19589 | 1 Utimaco | 2 Securityserver Cse, Securityserver Cse Firmware | 2019-10-03 | 5.5 MEDIUM | 6.5 MEDIUM |
| Incorrect Access Controls of Security Officer (SO) in PKCS11 R2 provider that ships with the Utimaco CryptoServer HSM product package allows an SO authenticated to a slot to retrieve attributes of keys marked as private keys in external key storage, and also delete keys marked as private keys in external key storage. This compromises the availability of all keys configured with external key storage and may result in an economic attack in which the attacker denies legitimate users access to keys while maintaining possession of an encrypted copy (blob) of the external key store for ransom. This attack has been dubbed reverse ransomware attack and may be executed via a physical connection to the CryptoServer or remote connection if SSH or remote access to LAN CryptoServer has been compromised. The Confidentiality and Integrity of the affected keys, however, remain untarnished. | |||||
| CVE-2018-20007 | 1 Yeelight | 2 Smart Ai Speaker, Smart Ai Speaker Firmware | 2019-10-03 | 7.2 HIGH | 6.8 MEDIUM |
| Yeelight Smart AI Speaker 3.3.10_0074 devices have improper access control over the UART interface, allowing physical attackers to obtain a root shell. The attacker can then exfiltrate the audio data, read cleartext Wi-Fi credentials in a log file, or access other sensitive device and user information. | |||||