ReportizFlow
Filtered by vendor
Subscriptions
Total
1406 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4332 | 2 Broadcom, Intel | 3 Lsi Storage Authority, Raid Controller Web Interface, Raid Web Console 3 | 2024-11-21 | 7.5 High |
| Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file | ||||
| CVE-2023-4228 | 1 Moxa | 2 Iologik E4200, Iologik E4200 Firmware | 2024-11-21 | 3.1 Low |
| A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation. | ||||
| CVE-2023-49946 | 1 Forgejo | 1 Forgejo | 2024-11-21 | 9.1 Critical |
| In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. This allows remote attackers to read private issues, read private pull requests, delete issues, and perform other unauthorized actions. | ||||
| CVE-2023-49797 | 1 Pyinstaller | 1 Pyinstaller | 2024-11-21 | 8.8 High |
| PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if **all** the following are satisfied: 1. The user runs an application containing either `matplotlib` or `win32com`. 2. The application is ran as administrator (or at least a user with higher privileges than the attacker). 3. The user's temporary directory is not locked to that specific user (most likely due to `TMP`/`TEMP` environment variables pointing to an unprotected, arbitrary, non default location). Either: A. The attacker is able to very carefully time the replacement of a temporary file with a symlink. This switch must occur exactly between `shutil.rmtree()`'s builtin symlink check and the deletion itself B: The application was built with Python 3.7.x or earlier which has no protection against Directory Junctions links. The vulnerability has been addressed in PR #7827 which corresponds to `pyinstaller >= 5.13.1`. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-49582 | 1 Apache | 1 Portable Runtime | 2024-11-21 | 5.5 Medium |
| Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APR_USE_SHMEM_SHMGET=1 (apr.h) Users are recommended to upgrade to APR version 1.7.5, which fixes this issue. | ||||
| CVE-2023-49580 | 1 Sap | 1 Graphical User Interface | 2024-11-21 | 7.3 High |
| SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create Layout configurations of the ABAP List Viewer and with this causing a mild impact on integrity and availability, e.g. also increasing the response times of the AS ABAP. | ||||
| CVE-2023-49578 | 1 Sap | 1 Cloud Connector | 2024-11-21 | 3.5 Low |
| SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform Denial of service attack from adjacent UI by sending a malicious request which leads to low impact on the availability and no impact on confidentiality or Integrity of the application. | ||||
| CVE-2023-49257 | 1 Hongdian | 2 H8951-4g-esp, H8951-4g-esp Firmware | 2024-11-21 | 8.8 High |
| An authenticated user is able to upload an arbitrary CGI-compatible file using the certificate upload utility and execute it with the root user privileges. | ||||
| CVE-2023-48714 | 1 Silverstripe | 1 Framework | 2024-11-21 | 4.3 Medium |
| Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocompleter` component, the record's title can be accessed by that user. Versions 4.13.39 and 5.1.11 contain a fix for this issue. | ||||
| CVE-2023-48087 | 1 Xuxueli | 1 Xxl-job | 2024-11-21 | 5.4 Medium |
| xxl-job-admin 2.4.0 is vulnerable to Insecure Permissions via /xxl-job-admin/joblog/clearLog and /xxl-job-admin/joblog/logDetailCat. | ||||
| CVE-2023-47801 | 1 Clickstudios | 1 Passwordstate | 2024-11-21 | 4.7 Medium |
| An issue was discovered in Click Studios Passwordstate before 9811. Existing users (Security Administrators) could use the System Wide API Key to read or delete private password records when specifically used with the PasswordHistory API endpoint. It is also possible to use the Copy/Move Password Record API Key to Copy/Move private password records. | ||||
| CVE-2023-47712 | 1 Ibm | 1 Security Guardium | 2024-11-21 | 7.8 High |
| IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527. | ||||
| CVE-2023-47564 | 1 Qnap | 1 Qsync Central | 2024-11-21 | 8 High |
| An incorrect permission assignment for critical resource vulnerability has been reported to affect Qsync Central. If exploited, the vulnerability could allow authenticated users to read or modify the resource via a network. We have already fixed the vulnerability in the following versions: Qsync Central 4.4.0.15 ( 2024/01/04 ) and later Qsync Central 4.3.0.11 ( 2024/01/11 ) and later | ||||
| CVE-2023-46449 | 1 Mayurik | 1 Inventory Management System | 2024-11-21 | 8.8 High |
| Sourcecodester Free and Open Source inventory management system v1.0 is vulnerable to Incorrect Access Control. An arbitrary user can change the password of another user and takeover the account via IDOR in the password change function. | ||||
| CVE-2023-46142 | 1 Phoenixcontact | 17 Axc F 1152, Axc F 1152 Firmware, Axc F 2152 and 14 more | 2024-11-21 | 8.8 High |
| A incorrect permission assignment for critical resource vulnerability in PLCnext products allows an remote attacker with low privileges to gain full access on the affected devices. | ||||
| CVE-2023-46141 | 1 Phoenixcontact | 31 Automationworx Software Suite, Axc 1050, Axc 1050 Firmware and 28 more | 2024-11-21 | 9.8 Critical |
| Incorrect Permission Assignment for Critical Resource vulnerability in multiple products of the PHOENIX CONTACT classic line allow an remote unauthenticated attacker to gain full access of the affected device. | ||||
| CVE-2023-45369 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 4.3 Medium |
| An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are exposed. | ||||
| CVE-2023-45364 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2024-11-21 | 5.3 Medium |
| An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. Deleted revision existence is leaked due to incorrect permissions being checked. This reveals that a given revision ID belonged to the given page title, and its timestamp, both of which are not supposed to be public information. | ||||
| CVE-2023-45205 | 1 Siemens | 1 Sicam Pas\/pqs | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to `NT AUTHORITY/SYSTEM`. | ||||
| CVE-2023-44387 | 2 Gradle, Redhat | 2 Gradle, Amq Streams | 2024-11-21 | 3.2 Low |
| Gradle is a build tool with a focus on build automation and support for multi-language development. When copying or archiving symlinked files, Gradle resolves them but applies the permissions of the symlink itself instead of the permissions of the linked file to the resulting file. This leads to files having too much permissions given that symlinks usually are world readable and writeable. While it is unlikely this results in a direct vulnerability for the impacted build, it may open up attack vectors depending on where build artifacts end up being copied to or un-archived. In versions 7.6.3, 8.4 and above, Gradle will now properly use the permissions of the file pointed at by the symlink to set permissions of the copied or archived file. | ||||