Total
56 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27822 | 1 Apple | 1 Macos | 2025-02-13 | 7.4 High |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Sonoma 14.5. An app may be able to gain root privileges. | ||||
| CVE-2022-36377 | 1 Intel | 7 Nuc 8 Rugged Kit Nuc8cchkr, Nuc Board Nuc8cchb, Nuc Kit Nuc5pgyh and 4 more | 2025-02-05 | 6.7 Medium |
| Insecure inherited permissions in some Intel(R) Wireless Adapter Driver installation software for Intel(R) NUC Kits & Mini PCs before version 22.190.0.3 for Windows may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-36294 | 1 Intel | 2 Driver \& Support Assistant, Dsa Software | 2025-02-04 | 6.7 Medium |
| Insecure inherited permissions for some Intel(R) DSA software before version 24.3.26.8 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-36276 | 1 Intel | 2 *, Computing Improvement Program | 2025-02-04 | 6.7 Medium |
| Insecure inherited permissions for some Intel(R) CIP software before version 2.4.10852 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-41658 | 1 Intel | 1 Vtune Profiler | 2025-01-27 | 6.7 Medium |
| Insecure inherited permissions in the Intel(R) VTune(TM) Profiler software before version 2023.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-41687 | 2 Intel, Microsoft | 15 Nuc P14e Laptop Element, Windows 10 1507, Windows 10 1511 and 12 more | 2025-01-27 | 6.7 Medium |
| Insecure inherited permissions in the HotKey Services for some Intel(R) NUC P14E Laptop Element software for Windows 10 before version 1.1.44 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-46656 | 1 Intel | 1 Nuc Pro Software Suite | 2025-01-27 | 6.7 Medium |
| Insecure inherited permissions for the Intel(R) NUC Pro Software Suite before version 2.0.0.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-38103 | 1 Intel | 1 Nuc Software Studio Service | 2025-01-27 | 6.7 Medium |
| Insecure inherited permissions in the Intel(R) NUC Software Studio Service installer before version 1.17.38.0 may allow an authenticated user to potentially enable escalation of privilege via local access | ||||
| CVE-2024-7143 | 2 Pulpproject, Redhat | 6 Pulp, Ansible Automation Platform, Ansible Automation Platform Developer and 3 more | 2024-12-31 | 8.3 High |
| A flaw was found in the Pulp package. When a role-based access control (RBAC) object in Pulp is set to assign permissions on its creation, it uses the `AutoAddObjPermsMixin` (typically the add_roles_for_object_creator method). This method finds the object creator by checking the current authenticated user. For objects that are created within a task, this current user is set by the first user with any permissions on the task object. This means the oldest user with model/domain-level task permissions will always be set as the current user of a task, even if they didn't dispatch the task. Therefore, all objects created in tasks will have their permissions assigned to this oldest user, and the creating user will receive nothing. | ||||
| CVE-2023-29065 | 2 Bd, Hp | 3 Facschorus, Hp Z2 Tower G5, Hp Z2 Tower G9 | 2024-12-02 | 4.1 Medium |
| The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database. | ||||
| CVE-2024-39877 | 1 Apache | 1 Airflow | 2024-11-21 | 8.8 High |
| Apache Airflow 2.4.0, and versions before 2.9.3, has a vulnerability that allows authenticated DAG authors to craft a doc_md parameter in a way that could execute arbitrary code in the scheduler context, which should be forbidden according to the Airflow Security model. Users should upgrade to version 2.9.3 or later which has removed the vulnerability. | ||||
| CVE-2024-36691 | 2024-11-21 | 6.3 Medium | ||
| Insecure permissions in the AdminController.AjaxSave() method of PPGo_Jobs v2.8.0 allows authenticated attackers to arbitrarily modify users' account information. | ||||
| CVE-2024-36539 | 1 Projectcontour | 1 Contour | 2024-11-21 | 9.8 Critical |
| Insecure permissions in contour v1.28.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token. | ||||
| CVE-2024-29417 | 2024-11-21 | 8.4 High | ||
| Insecure Permissions vulnerability in e-trust Horacius 1.0, 1.1, and 1.2 allows a local attacker to escalate privileges via the password reset function. | ||||
| CVE-2024-22365 | 2 Linux-pam, Redhat | 2 Linux-pam, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY. | ||||
| CVE-2024-21835 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | 6.7 Medium |
| Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-45736 | 2024-11-21 | 6.7 Medium | ||
| Insecure inherited permissions in Intel(R) Power Gadget software for Windows all versions may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-39230 | 1 Intel | 1 Rapid Storage Technology | 2024-11-21 | 6.7 Medium |
| Insecure inherited permissions in some Intel Rapid Storage Technology software before version 16.8.5.1014.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-38541 | 1 Intel | 1 Hid Event Filter Driver | 2024-11-21 | 6.7 Medium |
| Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-34997 | 1 Intel | 1 Server Configuration Utility | 2024-11-21 | 6.7 Medium |
| Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||