Search
Total
952 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5385 | 1 Dell | 2 Encryption, Endpoint Security Suite Enterprise | 2020-08-26 | 7.2 HIGH | 7.8 HIGH |
| Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contain a privilege escalation vulnerability because of an incomplete fix for CVE-2020-5358. A local malicious user with low privileges could potentially exploit this vulnerability to gain elevated privilege on the affected system with the help of a symbolic link. | |||||
| CVE-2019-19882 | 1 Shadow Project | 1 Shadow | 2020-08-25 | 6.9 MEDIUM | 7.8 HIGH |
| shadow 4.8, in certain circumstances affecting at least Gentoo, Arch Linux, and Void Linux, allows local users to obtain root access because setuid programs are misconfigured. Specifically, this affects shadow 4.8 when compiled using --with-libpam but without explicitly passing --disable-account-tools-setuid, and without a PAM configuration suitable for use with setuid account management tools. This combination leads to account management tools (groupadd, groupdel, groupmod, useradd, userdel, usermod) that can easily be used by unprivileged local users to escalate privileges to root in multiple ways. This issue became much more relevant in approximately December 2019 when an unrelated bug was fixed (i.e., the chmod calls to suidusbins were fixed in the upstream Makefile which is now included in the release version 4.8). | |||||
| CVE-2019-16187 | 1 Limesurvey | 1 Limesurvey | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Limesurvey before 3.17.14 uses an anti-CSRF cookie without the HttpOnly flag, which allows attackers to access a cookie value via a client-side script. | |||||
| CVE-2017-15906 | 1 Openbsd | 1 Openssh | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| The process_open function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files. | |||||
| CVE-2017-16757 | 1 Hola | 1 Vpn | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges via a Trojan horse 7za.exe or hola.exe file. | |||||
| CVE-2017-3166 | 1 Apache | 1 Hadoop | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world readable is localized via YARN's localization mechanism, that file will be stored in a world-readable location and can be shared freely with any application that requests to localize that file. | |||||
| CVE-2018-16087 | 1 Google | 1 Chrome | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |||||
| CVE-2018-10171 | 1 Kromtech | 1 Mackeeper | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper` component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shell scripts as the root user. | |||||
| CVE-2018-11002 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2020-08-24 | 5.8 MEDIUM | 5.5 MEDIUM |
| Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure Permissions. | |||||
| CVE-2018-11240 | 1 Softcase | 2 T-router, T-router Firmware | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on SoftCase T-Router build 20112017 devices. There are no restrictions on the 'exec command' feature of the T-Router protocol. If the command syntax is correct, there is code execution both on the other modem and on the main servers. This is fixed in production builds as of Spring 2018. | |||||
| CVE-2018-11334 | 1 Windscribe | 1 Windscribe | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Windscribe 1.81 creates a named pipe with a NULL DACL that allows Everyone users to gain privileges or cause a denial of service via \\.\pipe\WindscribeService. | |||||
| CVE-2018-12357 | 1 Arista | 1 Cloudvision Portal | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Arista CloudVision Portal through 2018.1.1 has Incorrect Permissions. | |||||
| CVE-2018-14866 | 1 Odoo | 1 Odoo | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| Incorrect access control in the TransientModel framework in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated attackers to access data in transient records that they do not own by making an RPC call before garbage collection occurs. | |||||
| CVE-2018-14861 | 1 Odoo | 1 Odoo | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Improper data access control in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows authenticated users to perform a CSV export of the secure hashed passwords of other users. | |||||
| CVE-2018-14862 | 1 Odoo | 1 Odoo | 2020-08-24 | 5.5 MEDIUM | 6.5 MEDIUM |
| Incorrect access control in the mail templating system in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier allows authenticated internal users to delete arbitrary menuitems via a crafted RPC request. | |||||
| CVE-2018-14886 | 1 Odoo | 1 Odoo | 2020-08-24 | 4.0 MEDIUM | 4.9 MEDIUM |
| The module-description renderer in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier does not disable RST's local file inclusion, which allows privileged authenticated users to read local files via a crafted module description. | |||||
| CVE-2018-14916 | 1 Loytec | 2 Lgate-902, Lgate-902 Firmware | 2020-08-24 | 9.4 HIGH | 9.1 CRITICAL |
| LOYTEC LGATE-902 6.3.2 devices allow Arbitrary file deletion. | |||||
| CVE-2018-14987 | 1 Mxq Project | 2 Mxq Tv Box, Mxq Tv Box Firmware | 2020-08-24 | 5.6 MEDIUM | 7.1 HIGH |
| The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android (versionCode=19, versionName=4.4.2-20170213) that dynamically registers a broadcast receiver app component named com.android.server.MasterClearReceiver instead of statically registering it in the AndroidManifest.xml file of the core Android package, as done in Android Open Source Project (AOSP) code for Android 4.4.2. The dynamic-registration of the MasterClearReceiver broadcast receiver app component is not protected with the android.permission.MASTER_CLEAR permission during registration, so any app co-located on the device, even those without any permissions, can programmatically initiate a factory reset of the device. A factory reset will remove all user data and apps from the device. This will result in the loss of any data that have not been backed up or synced externally. The capability to perform a factory reset is not directly available to third-party apps (those that the user installs themselves with the exception of enabled Mobile Device Management (MDM) apps), although this capability can be obtained by leveraging an unprotected app component of core Android process. | |||||
| CVE-2018-15768 | 1 Dell | 1 Openmanage Network Manager | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database. | |||||
| CVE-2018-15809 | 1 Accupos | 1 Accupos | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| AccuPOS 2017.8 is installed with the insecure "Authenticated Users: Modify" permission for files within the installation path. This may allow local attackers to compromise the integrity of critical resource and executable files. | |||||
| CVE-2018-15835 | 1 Google | 1 Android | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983. | |||||
| CVE-2018-1787 | 2 Ibm, Microsoft | 3 Spectrum Protect Backup-archive Client, Spectrum Protect For Virtual Environments, Windows | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by insecure file permissions. IBM X-Force ID: 148872. | |||||
| CVE-2018-17872 | 1 Verint | 2 Collaboration Compliance, Quality Management Platform | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Insecure Permissions. | |||||
| CVE-2018-17873 | 1 Wifiranger | 2 Wifiranger, Wifiranger Firmware | 2020-08-24 | 3.3 LOW | 8.8 HIGH |
| An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account. | |||||
| CVE-2018-18331 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerable installations. | |||||
| CVE-2018-18332 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations. | |||||
| CVE-2018-18495 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64. | |||||
| CVE-2018-18561 | 1 Roche | 8 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Base Unit Hub and 5 more | 2020-08-24 | 7.7 HIGH | 8.0 HIGH |
| An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the operating system. | |||||
| CVE-2018-18630 | 2 Changehealthcare, Mckesson | 6 Cardiology, Cardiology Firmware, Cardiology and 3 more | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability was found in McKesson Cardiology product 13.x and 14.x. Insecure file permissions in the default installation may allow an attacker with local system access to execute unauthorized arbitrary code. | |||||
| CVE-2018-18812 | 1 Tibco | 2 Spotfire Analytics Platform For Aws, Spotfire Server | 2020-08-24 | 3.5 LOW | 5.3 MEDIUM |
| The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability that might theoretically fail to restrict users with read-only access from modifying files stored in the Spotfire Library, only when the Spotfire Library is configured to use external storage. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace versions up to and including 10.0.0, and TIBCO Spotfire Server versions up to and including 7.10.1; 7.11.0; 7.11.1; 7.12.0; 7.13.0; 7.14.0; 10.0.0. | |||||
| CVE-2018-19446 | 2 Foxitsoftware, Microsoft | 2 Foxit Pdf Sdk Activex, Windows | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. An attacker can leverage this to gain remote code execution. | |||||
| CVE-2018-19836 | 1 Metinfo | 1 Metinfo | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Metinfo 6.1.3, include/interface/applogin.php allows setting arbitrary HTTP headers (including the Cookie header), and common.inc.php allows registering variables from the $_COOKIE value. This issue can, for example, be exploited in conjunction with CVE-2018-19835 to bypass many XSS filters such as the Chrome XSS filter. | |||||
| CVE-2018-19860 | 2 Broadcom, Cypress | 126 Bcm4335c0, Bcm4335c0 Firmware, Bcm43438a1 and 123 more | 2020-08-24 | 5.8 MEDIUM | 8.8 HIGH |
| Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command. | |||||
| CVE-2018-20145 | 1 Eclipse | 1 Mosquitto | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set to true, and the default listener was in use, and the default listener specified an acl_file, then the acl file was being ignored. | |||||
| CVE-2018-2024 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2020-08-24 | 5.5 MEDIUM | 8.1 HIGH |
| IBM QRadar SIEM 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 155350. | |||||
| CVE-2018-20500 | 1 Gitlab | 1 Gitlab | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. The runner registration token in the CI/CD settings could not be reset. This was a security risk if one of the maintainers leaves the group and they know the token. | |||||
| CVE-2018-20798 | 1 Netgate | 1 Pfsense | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions. | |||||
| CVE-2018-20871 | 1 Univa | 1 Grid Engine | 2020-08-24 | 6.8 MEDIUM | 9.8 CRITICAL |
| In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890). | |||||
| CVE-2018-20904 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427). | |||||
| CVE-2018-20905 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 5.5 MEDIUM | 5.4 MEDIUM |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429). | |||||
| CVE-2018-20906 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430). | |||||
| CVE-2018-20907 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 71.9980.37 does not enforce the Mime::list_hotlinks API feature restriction (SEC-432). | |||||
| CVE-2018-20908 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435). | |||||
| CVE-2018-20909 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 3.6 LOW | 7.1 HIGH |
| cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338). | |||||
| CVE-2018-20936 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308). | |||||
| CVE-2018-3702 | 2 Intel, Microsoft | 2 Ite Tech Consumer Infrared Driver, Windows 10 | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions in the installer for the ITE Tech* Consumer Infrared Driver for Windows 10 versions before 5.4.3.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2018-4178 | 1 Apple | 1 Mac Os X | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| A permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue affected versions prior to macOS High Sierra 10.13.4. | |||||
| CVE-2018-5313 | 1 Rapidscada | 1 Rapid Scada | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability allows local attackers to escalate privilege on Rapid Scada 5.5.0 because of weak C:\SCADA permissions. The specific flaw exists within the access control that is set and modified during the installation of the product. The product sets weak access control restrictions. An attacker can leverage this vulnerability to execute arbitrary code under the context of Administrator, the IUSR account, or SYSTEM. | |||||
| CVE-2018-6261 | 1 Nvidia | 1 Geforce Experience | 2020-08-24 | 4.4 MEDIUM | 7.0 HIGH |
| NVIDIA GeForce Experience prior to 3.15 contains a vulnerability when GameStream is enabled which sets incorrect permissions on a file, which may to code execution, denial of service, or escalation of privileges by users with system access. | |||||
| CVE-2018-8411 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | |||||