Search
Total
952 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20200 | 1 Cisco | 15 Firepower 4112, Firepower 4112 Firmware, Firepower 4115 and 12 more | 2024-01-12 | N/A | 6.3 MEDIUM |
| A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the improper handling of specific SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects all supported SNMP versions. To exploit this vulnerability through SNMPv2c or earlier, an attacker must know the SNMP community string that is configured on an affected device. To exploit this vulnerability through SNMPv3, the attacker must have valid credentials for an SNMP user who is configured on the affected device. | |||||
| CVE-2023-26427 | 1 Open-xchange | 1 Open-xchange Appsuite Backend | 2024-01-12 | N/A | 3.3 LOW |
| Default permissions for a properties file were too permissive. Local system users could read potentially sensitive information. We updated the default permissions for noreply.properties set during package installation. No publicly available exploits are known. | |||||
| CVE-2023-44120 | 2024-01-09 | N/A | 7.8 HIGH | ||
| A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access. | |||||
| CVE-2023-31238 | 1 Siemens | 2 Q200, Q200 Firmware | 2024-01-09 | N/A | 4.8 MEDIUM |
| A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60). Affected devices are missing cookie protection flags when using the default settings. An attacker who gains access to a session token can use it to impersonate a legitimate application user. | |||||
| CVE-2020-16990 | 1 Microsoft | 1 Azure Sphere | 2023-12-31 | 2.1 LOW | 6.2 MEDIUM |
| Azure Sphere Information Disclosure Vulnerability | |||||
| CVE-2021-27070 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-12-29 | 9.3 HIGH | 7.3 HIGH |
| Windows 10 Update Assistant Elevation of Privilege Vulnerability | |||||
| CVE-2021-26434 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2023-12-28 | 7.2 HIGH | 7.8 HIGH |
| Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2023-7055 | 1 Phpgurukul | 1 Online Notes Sharing System | 2023-12-28 | N/A | 5.4 MEDIUM |
| A vulnerability classified as problematic has been found in PHPGurukul Online Notes Sharing System 1.0. Affected is an unknown function of the file /user/profile.php of the component Contact Information Handler. The manipulation of the argument mobilenumber leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-248742 is the identifier assigned to this vulnerability. | |||||
| CVE-2021-42309 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2023-12-28 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2021-39235 | 1 Apache | 1 Ozone | 2023-12-22 | 4.0 MEDIUM | 6.5 MEDIUM |
| In Apache Ozone before 1.2.0, Ozone Datanode doesn't check the access mode parameter of the block token. Authenticated users with valid READ block token can do any write operation on the same block. | |||||
| CVE-2023-32005 | 1 Nodejs | 1 Node.js | 2023-12-22 | N/A | 5.3 MEDIUM |
| A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file stats through the `fs.statfs` API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | |||||
| CVE-2022-22941 | 1 Saltstack | 1 Salt | 2023-12-21 | 6.0 MEDIUM | 8.8 HIGH |
| An issue was discovered in SaltStack Salt in versions before 3002.8, 3003.4, 3004.1. When configured as a Master-of-Masters, with a publisher_acl, if a user configured in the publisher_acl targets any minion connected to the Syndic, the Salt Master incorrectly interpreted no valid targets as valid, allowing configured users to target any of the minions connected to the syndic with their configured commands. This requires a syndic master combined with publisher_acl configured on the Master-of-Masters, allowing users specified in the publisher_acl to bypass permissions, publishing authorized commands to any configured minion. | |||||
| CVE-2023-46142 | 1 Phoenixcontact | 17 Axc F 1152, Axc F 1152 Firmware, Axc F 2152 and 14 more | 2023-12-21 | N/A | 8.8 HIGH |
| A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices. | |||||
| CVE-2023-46141 | 1 Phoenixcontact | 31 Automationworx Software Suite, Axc 1050, Axc 1050 Firmware and 28 more | 2023-12-21 | N/A | 9.8 CRITICAL |
| Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device. | |||||
| CVE-2023-0757 | 1 Phoenixcontact | 2 Multiprog, Proconos Eclr | 2023-12-21 | N/A | 9.8 CRITICAL |
| Incorrect Permission Assignment for Critical Resource vulnerability in PHOENIX CONTACT MULTIPROG, PHOENIX CONTACT ProConOS eCLR (SDK) allows an unauthenticated remote attacker to upload arbitrary malicious code and gain full access on the affected device. | |||||
| CVE-2023-25648 | 1 Zte | 2 Zxcloud Irai, Zxcloud Irai Firmware | 2023-12-19 | N/A | 7.8 HIGH |
| There is a weak folder permission vulnerability in ZTE's ZXCLOUD iRAI product. Due to weak folder permission, an attacker with ordinary user privileges could construct a fake DLL to execute command to escalate local privileges. | |||||
| CVE-2023-49797 | 1 Pyinstaller | 1 Pyinstaller | 2023-12-19 | N/A | 7.8 HIGH |
| PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if **all** the following are satisfied: 1. The user runs an application containing either `matplotlib` or `win32com`. 2. The application is ran as administrator (or at least a user with higher privileges than the attacker). 3. The user's temporary directory is not locked to that specific user (most likely due to `TMP`/`TEMP` environment variables pointing to an unprotected, arbitrary, non default location). Either: A. The attacker is able to very carefully time the replacement of a temporary file with a symlink. This switch must occur exactly between `shutil.rmtree()`'s builtin symlink check and the deletion itself B: The application was built with Python 3.7.x or earlier which has no protection against Directory Junctions links. The vulnerability has been addressed in PR #7827 which corresponds to `pyinstaller >= 5.13.1`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-6593 | 2 Apple, Devolutions | 2 Iphone Os, Remote Desktop Manager | 2023-12-15 | N/A | 9.8 CRITICAL |
| Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0 and earlier on iOS allows an attacker that has access to the application to execute entries in a SQL data source without restriction. | |||||
| CVE-2023-42924 | 1 Apple | 1 Macos | 2023-12-13 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ventura 13.6.3. An app may be able to access sensitive user data. | |||||
| CVE-2023-50446 | 1 Mullvad | 1 Mullvad Vpn | 2023-12-13 | N/A | 7.8 HIGH |
| An issue was discovered in Mullvad VPN Windows app before 2023.6-beta1. Insufficient permissions on a directory allow any local unprivileged user to escalate privileges to SYSTEM. | |||||
| CVE-2023-40302 | 1 Netscout | 1 Ngeniuspulse | 2023-12-12 | N/A | 9.1 CRITICAL |
| NETSCOUT nGeniusPULSE 3.8 has Weak File Permissions Vulnerability | |||||
| CVE-2023-49946 | 1 Forgejo | 1 Forgejo | 2023-12-07 | N/A | 9.1 CRITICAL |
| In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. This allows remote attackers to read private issues, read private pull requests, delete issues, and perform other unauthorized actions. | |||||
| CVE-2023-29065 | 2 Bd, Hp | 3 Facschorus, Hp Z2 Tower G5, Hp Z2 Tower G9 | 2023-12-05 | N/A | 4.3 MEDIUM |
| The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database. | |||||
| CVE-2023-5651 | 1 Thimpress | 1 Wp Hotel Booking | 2023-11-27 | N/A | 5.4 MEDIUM |
| The WP Hotel Booking WordPress plugin before 2.0.8 does not have authorisation and CSRF checks, as well as does not ensure that the package to be deleted is a package, allowing any authenticated users, such as subscriber to delete arbitrary posts | |||||
| CVE-2022-41700 | 1 Intel | 1 Nuc Pro Software Suite | 2023-11-25 | N/A | 7.8 HIGH |
| Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-33898 | 1 Intel | 1 Nuc Watchdog Timer Utility | 2023-11-25 | N/A | 7.8 HIGH |
| Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-6179 | 1 Honeywell | 1 Prowatch | 2023-11-25 | N/A | 7.8 HIGH |
| Honeywell ProWatch, 4.5, including all Service Pack versions, contain a Vulnerability in Application Server's executable folder(s). A(n) attacker could potentially exploit this vulnerability, leading to a standard user to have arbitrary system code execution. Honeywell recommends updating to the most recent version of this product, service or offering (Pro-watch 6.0.2, 6.0, 5.5.2,5.0.5). | |||||
| CVE-2023-34997 | 1 Intel | 1 Server Configuration Utility | 2023-11-21 | N/A | 7.8 HIGH |
| Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-34314 | 1 Intel | 1 Simics Simulator | 2023-11-21 | N/A | 7.8 HIGH |
| Insecure inherited permissions in some Intel(R) Simics Simulator software before version 1.7.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-39230 | 1 Intel | 1 Rapid Storage Technology | 2023-11-21 | N/A | 7.8 HIGH |
| Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-48087 | 1 Xuxueli | 1 Xxl-job | 2023-11-21 | N/A | 5.4 MEDIUM |
| xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat. | |||||
| CVE-2023-47801 | 1 Clickstudios | 1 Passwordstate | 2023-11-20 | N/A | 4.7 MEDIUM |
| An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security Administrators) could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password Record API Key to Copy/Move private password records. | |||||
| CVE-2023-36633 | 1 Fortinet | 1 Fortimail | 2023-11-20 | N/A | 5.4 MEDIUM |
| An improper authorization vulnerability [CWE-285] in FortiMail webmail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to see and modify the title of address book folders of other users via crafted HTTP or HTTPs requests. | |||||
| CVE-2023-28134 | 1 Checkpoint | 1 Endpoint Security | 2023-11-17 | N/A | 7.8 HIGH |
| Local attacker can escalate privileges on affected installations of Check Point Harmony Endpoint/ZoneAlarm Extreme Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2023-3282 | 2 Linux, Paloaltonetworks | 2 Linux Kernel, Cortex Xsoar | 2023-11-16 | N/A | 6.7 MEDIUM |
| A local privilege escalation (PE) vulnerability in the Palo Alto Networks Cortex XSOAR engine software running on a Linux operating system enables a local attacker to execute programs with elevated privileges if the attacker has shell access to the engine. | |||||
| CVE-2023-5136 | 1 Ni | 4 Diadem, Flexlogger, Topografix Data Plugin and 1 more | 2023-11-15 | N/A | 5.5 MEDIUM |
| An incorrect permission assignment in the TopoGrafix DataPlugin for GPX could result in information disclosure. An attacker could exploit this vulnerability by getting a user to open a specially crafted data file. | |||||
| CVE-2023-44387 | 1 Gradle | 1 Gradle | 2023-11-10 | N/A | 6.5 MEDIUM |
| Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to files having too much permissions given that symlinks usually are world readable and writeable. While it is unlikely this results in a direct vulnerability for the impacted build, it may open up attack vectors depending on where build artifacts end up being copied to or un-archived. In versions 7.6.3, 8.4 and above, Gradle will now properly use the permissions of the file pointed at by the symlink to set permissions of the copied or archived file. | |||||
| CVE-2023-4228 | 1 Moxa | 2 Iologik E4200, Iologik E4200 Firmware | 2023-08-29 | N/A | 4.3 MEDIUM |
| A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation. | |||||
| CVE-2023-40754 | 1 Phpjabbers | 1 Car Rental Script | 2023-08-29 | N/A | 8.8 HIGH |
| In PHPJabbers Car Rental Script 3.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts. | |||||
| CVE-2023-4383 | 1 Escanav | 1 Escan Anti-virus | 2023-08-23 | N/A | 7.8 HIGH |
| A vulnerability, which was classified as critical, was found in MicroWorld eScan Anti-Virus 7.0.32 on Linux. This affects an unknown part of the file runasroot. The manipulation leads to incorrect execution-assigned permissions. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237315. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-4332 | 1 Broadcom | 1 Raid Controller Web Interface | 2023-08-21 | N/A | 7.5 HIGH |
| Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file | |||||
| CVE-2023-28658 | 1 Intel | 1 Oneapi Math Kernel Library | 2023-08-17 | N/A | 7.8 HIGH |
| Insecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-39062 | 1 Siemens | 1 Sicam Toolbox Ii | 2023-08-15 | N/A | 7.8 HIGH |
| A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation. | |||||
| CVE-2023-39003 | 1 Opnsense | 1 Opnsense | 2023-08-15 | N/A | 7.5 HIGH |
| OPNsense before 23.7 was discovered to contain insecure permissions in the directory /tmp. | |||||
| CVE-2023-39005 | 1 Opnsense | 1 Opnsense | 2023-08-15 | N/A | 7.5 HIGH |
| Insecure permissions exist for configd.socket in OPNsense before 23.7. | |||||
| CVE-2023-39004 | 1 Opnsense | 1 Opnsense | 2023-08-15 | N/A | 9.8 CRITICAL |
| Insecure permissions in the configuration directory (/conf/) of OPNsense before 23.7 allow attackers to access sensitive information (e.g., hashed root password) which could lead to privilege escalation. | |||||
| CVE-2023-20216 | 1 Cisco | 12 Broadworks Application Delivery Platform, Broadworks Application Server, Broadworks Database Server and 9 more | 2023-08-10 | N/A | 7.8 HIGH |
| A vulnerability in the privilege management functionality of all Cisco BroadWorks server types could allow an authenticated, local attacker to elevate privileges to root on an affected system. This vulnerability is due to incorrect implementation of user role permissions. An attacker could exploit this vulnerability by authenticating to the application as a user with the BWORKS or BWSUPERADMIN role and issuing crafted commands on an affected system. A successful exploit could allow the attacker to execute commands beyond the sphere of their intended access level, including initiating installs or running operating system commands with elevated permissions. There are workarounds that address this vulnerability. | |||||
| CVE-2022-22521 | 1 Miele | 1 Benchmark Programming Tool | 2023-08-09 | 6.9 MEDIUM | 7.3 HIGH |
| In Miele Benchmark Programming Tool with versions Prior to 1.2.71, executable files manipulated by attackers are unknowingly executed with users privileges. An attacker with low privileges may trick a user with administrative privileges to execute these binaries as admin. | |||||
| CVE-2023-38991 | 1 Jeesite | 1 Jeesite | 2023-08-08 | N/A | 5.4 MEDIUM |
| An issue in the delete function in the ActModelController class of jeesite v1.2.6 allows authenticated attackers to arbitrarily delete models created by the Administrator. | |||||
| CVE-2021-0336 | 1 Google | 1 Android | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| In onReceive of BluetoothPermissionRequest.java, there is a possible permissions bypass due to a mutable PendingIntent. This could lead to local escalation of privilege that bypasses a permission check, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.1Android ID: A-158219161 | |||||