ReportizFlow
Filtered by vendor
Subscriptions
Total
1489 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-45153 | 2 Opensuse, Suse | 3 Leap, Linux Enterprise Module For Sap Applications, Linux Enterprise Server | 2025-03-18 | 7 High |
| An Incorrect Default Permissions vulnerability in saphanabootstrap-formula of SUSE Linux Enterprise Module for SAP Applications 15-SP1, SUSE Linux Enterprise Server for SAP 12-SP5; openSUSE Leap 15.4 allows local attackers to escalate to root by manipulating the sudo configuration that is created. This issue affects: SUSE Linux Enterprise Module for SAP Applications 15-SP1 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. SUSE Linux Enterprise Server for SAP 12-SP5 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. openSUSE Leap 15.4 saphanabootstrap-formula versions prior to 0.13.1+git.1667812208.4db963e. | ||||
| CVE-2024-48822 | 1 Automatic Systems | 1 Maintenance Slimlane | 2025-03-18 | 8.8 High |
| Privilege escalation in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the FtpConfig.php page. | ||||
| CVE-2021-34182 | 1 Ttyd Project | 1 Ttyd | 2025-03-18 | 9.8 Critical |
| An issue in ttyd v.1.6.3 allows attacker to execute arbitrary code via default configuration permissions. | ||||
| CVE-2021-34164 | 1 Lizhifaka Project | 1 Lizhifaka | 2025-03-18 | 8.8 High |
| Permissions vulnerability in LIZHIFAKA v.2.2.0 allows authenticated attacker to execute arbitrary commands via the set password function in the admin/index/email location. | ||||
| CVE-2021-37000 | 1 Huawei | 1 Harmonyos | 2025-03-18 | 7.7 High |
| Some Huawei wearables have a permission management vulnerability. | ||||
| CVE-2024-55959 | 2025-03-18 | 9.1 Critical | ||
| Northern.tech Mender Client 4.x before 4.0.5 has Insecure Permissions. | ||||
| CVE-2024-40792 | 1 Apple | 1 Macos | 2025-03-18 | 3.3 Low |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A malicious app may be able to change network settings. | ||||
| CVE-2024-51162 | 1 Audimex | 1 Audimexee | 2025-03-17 | 8.8 High |
| An issue in Audimex EE versions 15.1.20 and earlier allowing a remote attacker to escalate privileges. Analyzing the offline client code, it was identified that it is possible for any user (with any privilege) of Audimex to dump the whole Audimex database. This gives visibility upon password hashes of any user, ongoing audit data and more. | ||||
| CVE-2024-48823 | 1 Automatic Systems | 1 Maintenance Slimlane | 2025-03-15 | 9.8 Critical |
| Local file inclusion in Automatic Systems Maintenance SlimLane 29565_d74ecce0c1081d50546db573a499941b10799fb7 allows a remote attacker to escalate privileges via the PassageAutoServer.php page. | ||||
| CVE-2024-55957 | 2025-03-14 | 7.8 High | ||
| In Thermo Fisher Scientific Xcalibur before 4.7 SP1 and Thermo Foundation Instrument Control Software (ICSW) before 3.1 SP10, the driver packages have a local privilege escalation vulnerability due to improper access control permissions on Windows systems. | ||||
| CVE-2024-25654 | 1 Avsystem | 1 Unified Management Platform | 2025-03-14 | 5.5 Medium |
| Insecure permissions for log files of AVSystem Unified Management Platform (UMP) 23.07.0.16567~LTS allow members (with local access to the UMP application server) to access credentials to authenticate to all services, and to decrypt sensitive data stored in the database. | ||||
| CVE-2024-30977 | 1 Secnet Security Network Intelligent Ac Management System | 1 Secnet Security Network Intelligent Ac Management System | 2025-03-14 | 7.8 High |
| An issue in Secnet Security Network Intelligent AC Management System v.1.02.040 allows a local attacker to escalate privileges via the password component. | ||||
| CVE-2024-44228 | 1 Apple | 1 Xcode | 2025-03-13 | 7.5 High |
| This issue was addressed with improved permissions checking. This issue is fixed in Xcode 16. An app may be able to inherit Xcode permissions and access user data. | ||||
| CVE-2023-52545 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 7.5 High |
| Vulnerability of undefined permissions in the Calendar app. Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2024-44786 | 1 Meabillis Cms | 1 Meabillis Cms | 2025-03-13 | 7.5 High |
| Incorrect access control in Meabilis CMS 1.0 allows attackers to access other users' address books via unspecified vectors. | ||||
| CVE-2024-30415 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 9.1 Critical |
| Vulnerability of improper permission control in the window management module. Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-52717 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 5.3 Medium |
| Permission verification vulnerability in the lock screen module. Impact: Successful exploitation of this vulnerability will affect availability. | ||||
| CVE-2023-52362 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 7.5 High |
| Permission management vulnerability in the lock screen module.Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2022-40232 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2025-03-12 | 6.3 Medium |
| IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597. | ||||
| CVE-2023-25540 | 1 Dell | 1 Emc Powerscale Onefs | 2025-03-11 | 6 Medium |
| Dell PowerScale OneFS 9.4.0.x contains an incorrect default permissions vulnerability. A local malicious user could potentially exploit this vulnerability to overwrite arbitrary files causing denial of service. | ||||