Total
723 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-3770 | 1 Xjyunjing | 1 Yunjing Content Management System | 2024-11-21 | N/A | 6.3 MEDIUM |
|
A vulnerability classified as critical was found in Yunjing CMS. This vulnerability affects unknown code of the file /index/user/upload_img.html. The manipulation of the argument file leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212500.
|
|||||
| CVE-2022-3735 | 1 Ehoney Project | 1 Ehoney | 2024-11-21 | N/A | 6.3 MEDIUM |
|
A vulnerability was found in seccome Ehoney. It has been rated as critical. This issue affects some unknown processing of the file /api/public/signup. The manipulation leads to improper access controls. The identifier VDB-212417 was assigned to this vulnerability.
|
|||||
| CVE-2022-3549 | 1 Oretnom23 | 1 Simple Cold Storage Management System | 2024-11-21 | N/A | 4.7 MEDIUM |
|
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /csms/admin/?page=user/manage_user of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-211049 was assigned to this vulnerability.
|
|||||
| CVE-2022-3496 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | N/A | 6.3 MEDIUM |
|
A vulnerability was found in SourceCodester Human Resource Management System 1.0 and classified as critical. This issue affects some unknown processing of the file employeeadd.php of the component Admin Panel. The manipulation leads to improper access controls. The attack may be initiated remotely. The identifier VDB-210785 was assigned to this vulnerability.
|
|||||
| CVE-2022-3458 | 1 Oretnom23 | 1 Human Resource Management System | 2024-11-21 | N/A | 6.3 MEDIUM |
|
A vulnerability has been found in SourceCodester Human Resource Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /employeeview.php of the component Image File Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-210559.
|
|||||
| CVE-2022-3436 | 1 Web-based Student Clearance System Project | 1 Web-based Student Clearance System | 2024-11-21 | N/A | 6.3 MEDIUM |
|
A vulnerability classified as critical was found in SourceCodester Web-Based Student Clearance System 1.0. Affected by this vulnerability is an unknown functionality of the file edit-photo.php of the component Photo Handler. The manipulation leads to unrestricted upload. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-210367.
|
|||||
| CVE-2022-2626 | 1 Hestiacp | 1 Control Panel | 2024-11-21 | N/A | 7.2 HIGH |
|
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6.
|
|||||
| CVE-2022-20855 | 1 Cisco | 30 Catalyst 9105, Catalyst 9105axi, Catalyst 9105axw and 27 more | 2024-11-21 | N/A | 7.9 HIGH |
|
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless Controllers on Catalyst Access Points could allow an authenticated, local attacker to escape the restricted controller shell and execute arbitrary commands on the underlying operating system of the access point. This vulnerability is due to improper checks throughout the restart of certain system processes. An attacker could exploit this vulnerability by logging on to an affected device and executing ...
Show More |
|||||
| CVE-2022-20819 | 1 Cisco | 1 Identity Services Engine | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly enforced. An attacker with read-only privileges for the web-based management interface on an affected device could exploit this vulnerability by browsing to a page that contains sensitive data. A succe ...
Show More |
|||||
| CVE-2022-20782 | 1 Cisco | 1 Identity Services Engine | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability is due to improper enforcement of administrative privilege levels for high-value sensitive data. An attacker with read-only Administrator privileges to the web-based management interface on an affected device could exploit this vulnerability by browsing to a page that contains sensit ...
Show More |
|||||
| CVE-2022-20759 | 1 Cisco | 2 Adaptive Security Appliance Software, Firepower Threat Defense | 2024-11-21 | 8.5 HIGH | 8.8 HIGH |
|
A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is due to improper separation of authentication and authorization scopes. An attacker could exploit this vulnerability by sending crafted HTTPS messages to the web services interface of an affected devic ...
Show More |
|||||
| CVE-2022-20681 | 1 Cisco | 1 Ios Xe | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A vulnerability in the CLI of Cisco IOS XE Software for Cisco Catalyst 9000 Family Switches and Cisco Catalyst 9000 Family Wireless Controllers could allow an authenticated, local attacker to elevate privileges to level 15 on an affected device. This vulnerability is due to insufficient validation of user privileges after the user executes certain CLI commands. An attacker could exploit this vulnerability by logging in to an affected device as a low-privileged user and then executing certain CLI ...
Show More |
|||||
| CVE-2022-1225 | 1 Phpipam | 1 Phpipam | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6.
|
|||||
| CVE-2021-40124 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A vulnerability in the Network Access Manager (NAM) module of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to escalate privileges on an affected device. This vulnerability is due to incorrect privilege assignment to scripts executed before user logon. An attacker could exploit this vulnerability by configuring a script to be executed before logon. A successful exploit could allow the attacker to execute arbitrary code with SYSTEM privileges.
|
|||||
| CVE-2021-40123 | 1 Cisco | 1 Identity Services Engine | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative read-only privileges to download files that should be restricted. This vulnerability is due to incorrect permissions settings on an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request to the device. A successful exploit could allow the attacker to download files that should be restricted.
|
|||||
| CVE-2021-36097 | 1 Otrs | 1 Otrs | 2024-11-21 | 4.0 MEDIUM | 3.5 LOW |
|
Agents are able to lock the ticket without the "Owner" permission. Once the ticket is locked, it could be moved to the queue where the agent has "rw" permissions and gain a full control. This issue affects: OTRS AG OTRS 8.0.x version: 8.0.16 and prior versions.
|
|||||
| CVE-2021-20264 | 1 Oracle | 1 Openjdk | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
|
|||||
| CVE-2021-20208 | 3 Fedoraproject, Redhat, Samba | 3 Fedora, Enterprise Linux, Cifs-utils | 2024-11-21 | 4.9 MEDIUM | 6.1 MEDIUM |
|
A flaw was found in cifs-utils in versions before 6.13. A user when mounting a krb5 CIFS file system from within a container can use Kerberos credentials of the host. The highest threat from this vulnerability is to data confidentiality and integrity.
|
|||||
| CVE-2021-1594 | 1 Cisco | 1 Identity Services Engine | 2024-11-21 | 9.3 HIGH | 7.5 HIGH |
|
A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a command injection attack and elevate privileges to root. This vulnerability is due to insufficient input validation for specific API endpoints. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting and modifying specific internode communications from one ISE persona to another ISE persona. A successful exploit could allow the ...
Show More |
|||||
| CVE-2021-1572 | 1 Cisco | 2 Confd, Network Services Orchestrator | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
|
A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exists because the affected software incorrectly runs the SFTP user service at the privilege level of the account that was running when the ConfD built-in Secure Shell (SSH) server for CLI was enabled. If the ...
Show More |
|||||
| CVE-2021-1416 | 1 Cisco | 1 Identity Services Engine | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensi ...
Show More |
|||||
| CVE-2021-1412 | 1 Cisco | 1 Identity Services Engine | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to improper enforcement of administrator privilege levels for sensitive data. An attacker with read-only administrator access to the Admin portal could exploit these vulnerabilities by browsing to one of the pages that contains sensitive data. A successful exploit could allow the attacker to collect sensi ...
Show More |
|||||
| CVE-2020-7334 | 1 Mcafee | 1 Application And Change Control | 2024-11-21 | 4.6 MEDIUM | 7.7 HIGH |
|
Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer. This version adds further controls for installation/uninstallation of software.
|
|||||
| CVE-2020-7018 | 1 Elastic | 1 Enterprise Search | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
|
Elastic Enterprise Search before 7.9.0 contain a credential exposure flaw in the App Search interface. If a user is given the �developer� role, they will be able to view the administrator API credentials. These credentials could allow the developer user to conduct operations with the same permissions of the App Search administrator.
|
|||||
| CVE-2020-7014 | 1 Elastic | 1 Elasticsearch | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
The fix for CVE-2020-7009 was found to be incomplete. Elasticsearch versions from 6.7.0 to 6.8.7 and 7.0.0 to 7.6.1 contain a privilege escalation flaw if an attacker is able to create API keys and also authentication tokens. An attacker who is able to generate an API key and an authentication token can perform a series of steps that result in an authentication token being generated with elevated privileges.
|
|||||
| CVE-2020-7009 | 1 Elastic | 1 Elasticsearch | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Elasticsearch versions from 6.7.0 before 6.8.8 and 7.0.0 before 7.6.2 contain a privilege escalation flaw if an attacker is able to create API keys. An attacker who is able to generate an API key can perform a series of steps that result in an API key being generated with elevated privileges.
|
|||||
| CVE-2020-6652 | 1 Eaton | 1 Intelligent Power Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted requests. This can result in non-admin users manipulating the system configurations via uploading the configurations with incorrect parameters.
|
|||||
| CVE-2020-35514 | 1 Redhat | 1 Openshift | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
An insecure modification flaw in the /etc/kubernetes/kubeconfig file was found in OpenShift. This flaw allows an attacker with access to a running container which mounts /etc/kubernetes or has local access to the node, to copy this kubeconfig file and attempt to add their own node to the OpenShift cluster. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. This flaw affects versions before openshift4/ose-machine-config-operator v4.7.0-202 ...
Show More |
|||||
| CVE-2020-27122 | 1 Cisco | 1 Identity Services Engine | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
|
A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to elevate privileges on an affected device. To exploit this vulnerability, an attacker would need to have a valid administrator account on an affected device. The vulnerability is due to incorrect privilege assignment. An attacker could exploit this vulnerability by logging in to the system with a crafted Active Directory account. A successful exploi ...
Show More |
|||||
| CVE-2020-26182 | 1 Dell | 1 Emc Networker | 2024-11-21 | 4.0 MEDIUM | 6.8 MEDIUM |
|
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users authenticated via LDAP.
|
|||||
| CVE-2020-1989 | 1 Paloaltonetworks | 1 Globalprotect | 2024-11-21 | 7.2 HIGH | 7.0 HIGH |
|
An incorrect privilege assignment vulnerability when writing application-specific files in the Palo Alto Networks Global Protect Agent for Linux on ARM platform allows a local authenticated user to gain root privileges on the system. This issue affects Palo Alto Networks Global Protect Agent for Linux 5.0 versions before 5.0.8; 5.1 versions before 5.1.1.
|
|||||
| CVE-2020-1742 | 2 Nmstate, Redhat | 2 Kubernetes-nmstate, Openshift Virtualization | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
An insecure modification vulnerability flaw was found in containers using nmstate/kubernetes-nmstate-handler. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. Versions before kubernetes-nmstate-handler-container-v2.3.0-30 are affected.
|
|||||
| CVE-2020-1708 | 1 Redhat | 1 Openshift Container Platform | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from 4.1 to, including 4.3, that multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/mysql-apb.
|
|||||
| CVE-2020-1705 | 1 Redhat | 1 Template Service Broker Operator | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
A vulnerability was found in openshift/template-service-broker-operator in all 4.x.x versions prior to 4.3.0, where an insecure modification vulnerability in the /etc/passwd file was found in the openshift/template-service-broker-operator. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
|
|||||
| CVE-2020-1704 | 1 Redhat | 1 Openshift Service Mesh | 2024-11-21 | 4.6 MEDIUM | 7.0 HIGH |
|
An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges.
|
|||||
| CVE-2020-16120 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 2.1 LOW | 5.1 MEDIUM |
|
Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef ("ovl: stack file ops"). This was fixed in kernel version 5.8 by commits 56230d9 ("ovl: ...
Show More |
|||||
| CVE-2020-14318 | 2 Redhat, Samba | 3 Enterprise Linux, Storage, Samba | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be unavailable to the attacker.
|
|||||
| CVE-2020-10728 | 1 Automationbroker | 1 Apb | 2024-11-21 | N/A | 7.8 HIGH |
|
A flaw was found in automationbroker/apb container in versions up to and including 2.0.4-1. This container grants all users sudoer permissions allowing an unauthorized user with access to the running container the ability to escalate their own privileges. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
|
|||||
| CVE-2020-10695 | 1 Redhat | 1 Single Sign-on | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their privileges.
|
|||||
| CVE-2019-3843 | 4 Canonical, Fedoraproject, Netapp and 1 more | 8 Ubuntu Linux, Fedora, Cn1610 and 5 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID will be recycled.
|
|||||