Filtered by CWE-276
Filtered by vendor Subscriptions
Total 1138 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-29083 1 Intel 1 Distribution For Python 2024-11-15 6.7 Medium
Incorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-35201 1 Intel 1 Sdp Software 2024-11-15 6.7 Medium
Incorrect default permissions in the Intel(R) SDP Tool for Windows software all versions may allow an authenticated user to enable escalation of privilege via local access.
CVE-2024-42188 2024-11-15 3.7 Low
HCL Connections is vulnerable to a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios.
CVE-2024-49504 1 Suse 1 Opensuse Tumbleweed 2024-11-13 8.4 High
grub2 allowed attackers with access to the grub shell to access files on the encrypted disks.
CVE-2024-34679 1 Samsung 1 Android 2024-11-12 4 Medium
Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege.
CVE-2024-47593 1 Sap Se 1 Sap Netweaver And Abap Platform 2024-11-12 4.3 Medium
SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to read files from the server, which otherwise would be restricted.This attack is possible only if a Web Dispatcher or some sort of Proxy Server is in use and the file in question was previously opened or downloaded in an application based on SAP GUI for HTML Technology. This will not compromise the application's integrity or availability.
CVE-2024-46894 1 Siemens 1 Sinec Ins 2024-11-12 6.3 Medium
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate authorization of a user to query the "/api/sftp/users" endpoint. This could allow an authenticated remote attacker to gain knowledge about the list of configured users of the SFTP service and also modify that configuration.
CVE-2024-43430 1 Moodle 1 Moodle 2024-11-12 5.3 Medium
A flaw was found in moodle. External API access to Quiz can override contained insufficient access control.
CVE-2024-51567 1 Cyberpanel 1 Cyberpanel 2024-11-09 10 Critical
upgrademysqlstatus in databases/views.py in CyberPanel (aka Cyber Panel) before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware (which is only for a POST request) and using shell metacharacters in the statusfile property, as exploited in the wild in October 2024 by PSAUX. Versions through 2.3.6 and (unpatched) 2.3.7 are affected.
CVE-2019-20457 1 Brother 1 Mfc-j491dw 2024-11-08 9.1 Critical
An issue was discovered on Brother MFC-J491DW C1806180757 devices. The printer's web-interface password hash can be retrieved without authentication, because the response header of any failed login attempt returns an incomplete authorization cookie. The value of the authorization cookie is the MD5 hash of the password in hexadecimal. An attacker can easily derive the true MD5 hash from this, and use offline cracking attacks to obtain administrative access to the device.
CVE-2019-20458 1 Epson 1 Xp-255 2024-11-08 8.8 High
An issue was discovered on Epson Expression Home XP255 20.08.FM10I8 devices. By default, the device comes (and functions) without a password. The user is at no point prompted to set up a password on the device (leaving a number of devices without a password). In this case, anyone connecting to the web admin panel is capable of becoming admin without using any credentials.
CVE-2024-36063 1 Goodwy Com 1 Right Dialer 2024-11-08 7.5 High
The Goodwy com.goodwy.dialer (aka Right Dialer) application through 5.1.0 for Android enables any application (with no permissions) to place phone calls without user interaction by sending a crafted intent via the com.goodwy.dialer.activities.DialerActivity component.
CVE-2024-50590 1 Hasomed 1 Elefant 2024-11-08 7.8 High
Attackers with local access to the medical office computer can escalate their Windows user privileges to "NT AUTHORITY\SYSTEM" by overwriting one of two Elefant service binaries with weak permissions. The default installation directory of Elefant is "C:\Elefant1" which is writable for all users. In addition, the Elefant installer registers two Firebird database services which are running as “NT AUTHORITY\SYSTEM”.  Path: C:\Elefant1\Firebird_2\bin\fbserver.exe Path: C:\Elefant1\Firebird_2\bin\fbguard.exe Both service binaries are user writable. This means that a local attacker can rename one of the service binaries, replace the service executable with a new executable, and then restart the system. Once the system has rebooted, the new service binary is executed as "NT AUTHORITY\SYSTEM".
CVE-2020-11921 1 Lush 2 1 Lush 2 2024-11-08 8.8 High
An issue was discovered in Lush 2 through 2020-02-25. Due to the lack of Bluetooth traffic encryption, it is possible to hijack an ongoing Bluetooth connection between the Lush 2 and a mobile phone. This allows an attacker to gain full control over the device.
CVE-2024-7587 2 Iconics, Mitsubishielectric 2 Genesis64, Mc Works64 2024-11-06 7.8 High
Incorrect Default Permissions vulnerability in GenBroker32, which is included in the installers for ICONICS GENESIS64 version 10.97.3 and prior, Mitsubishi Electric GENESIS64 version 10.97.3 and prior and Mitsubishi Electric MC Works64 all versions allows a local authenticated attacker to disclose or tamper with confidential information and data contained in the products, or cause a denial of service (DoS) condition on the products, by accessing a folder with incorrect permissions, when GenBroker32 is installed on the same PC as GENESIS64 or MC Works64.
CVE-2024-9191 1 Okta 1 Verify 2024-11-05 7.1 High
The Okta Device Access features, provided by the Okta Verify agent for Windows, provides access to the OktaDeviceAccessPipe, which enables attackers in a compromised device to retrieve passwords associated with Desktop MFA passwordless logins. The vulnerability was discovered via routine penetration testing. Note: A precondition of this vulnerability is that the user must be using the Okta Device Access passwordless feature. Okta Device Access users not using passwordless are not affected, and customers only using Okta Verify on platforms other than Windows, or only using FastPass are not affected.
CVE-2024-9167 1 Ivanti 1 Velocity License Server 2024-11-04 7.8 High
Under specific circumstances, insecure permissions in Ivanti Velocity License Server before version 5.2 allows a local authenticated attacker to achieve local privilege escalation.
CVE-2024-8037 2024-11-01 6.5 Medium
Vulnerable juju hook tool abstract UNIX domain socket. When combined with an attack of JUJU_CONTEXT_ID, any user on the local system with access to the default network namespace may connect to the @/var/lib/juju/agents/unit-xxxx-yyyy/agent.socket and perform actions that are normally reserved to a juju charm.
CVE-2024-48572 1 Aquila 1 Cms 2024-11-01 N/A
A User enumeration vulnerability in AquilaCMS 1.409.20 and prior allows unauthenticated attackers to obtain email addresses via the "Add a user" feature. The vulnerability occurs due to insufficiently validated user input being processed as a regular expression, which is then matched against email addresses to find duplicate entries.
CVE-2023-45896 2024-11-01 7.1 High
ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem (e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media) and then leveraging local access to trigger an out-of-bounds read. A length value can be larger than the amount of memory allocated. NOTE: the supplier's perspective is that there is no vulnerability when an attack requires an attacker-modified filesystem image.