Total
1394 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-5578 | 1 Python | 1 Keyring | 2024-11-21 | 6.2 Medium |
| Python keyring has insecure permissions on new databases allowing world-readable files to be created | ||||
| CVE-2012-5577 | 2 Debian, Python | 2 Debian Linux, Keyring | 2024-11-21 | 7.5 High |
| Python keyring lib before 0.10 created keyring files with world-readable permissions. | ||||
| CVE-2012-4434 | 1 Cipherdyne | 1 Fwknop | 2024-11-21 | 8.8 High |
| fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code. | ||||
| CVE-2012-1157 | 2 Fedoraproject, Moodle | 2 Fedora, Moodle | 2024-11-21 | 4.3 Medium |
| Moodle before 2.2.2 has a default repository capabilities issue where all repositories are viewable by all users by default | ||||
| CVE-2011-1762 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 6.5 Medium |
| A flaw exists in Wordpress related to the 'wp-admin/press-this.php 'script improperly checking user permissions when publishing posts. This may allow a user with 'Contributor-level' privileges to post as if they had 'publish_posts' permission. | ||||
| CVE-2010-5108 | 2 Debian, Edgewall | 2 Debian Linux, Trac | 2024-11-21 | 7.5 High |
| Trac 0.11.6 does not properly check workflow permissions before modifying a ticket. This can be exploited by an attacker to change the status and resolution of tickets without having proper permissions. | ||||
| CVE-2024-48293 | 1 Quickheal Antivirus Pro | 1 Quickheal Antivirus Pro | 2024-11-19 | 6.5 Medium |
| Incorrect access control in QuickHeal Antivirus Pro 24.1.0.182 and earlier allows authenticated attackers with low-level privileges to arbitrarily modify antivirus settings. | ||||
| CVE-2024-48292 | 2 Quickheal Antivirus Pro, Quickheal Total Security | 2 Quickheal Antivirus Pro, Quickheal Total Security | 2024-11-19 | 8.8 High |
| An issue in the wssrvc.exe service of QuickHeal Antivirus Pro Version v24.0 and Quick Heal Total Security v24.0 allows authenticated attackers to escalate privileges. | ||||
| CVE-2024-51051 | 1 Avscms | 1 Avscms | 2024-11-19 | 9.8 Critical |
| AVSCMS v8.2.0 was discovered to contain weak default credentials for the Administrator account. | ||||
| CVE-2024-51765 | 1 Hpe | 1 Cray System Management Software | 2024-11-19 | 5.5 Medium |
| A security vulnerability has been identified in HPE Cray Data Virtualization Service (DVS). Depending on configuration, this vulnerability may lead to local/cluster unauthorized access. | ||||
| CVE-2024-51764 | 1 Hpe | 1 Sgi Cxfs | 2024-11-19 | 5.5 Medium |
| A security vulnerability has been identified in HPE Data Management Framework (DMF) Suite (CXFS). Depending on configuration, this vulnerability may lead to local/cluster unauthorized access. | ||||
| CVE-2024-44760 | 1 Sunmochina | 1 Enterprise Management System | 2024-11-15 | 9.1 Critical |
| Incorrect access control in the component /servlet/SnoopServlet of Shenzhou News Union Enterprise Management System v5.0 through v18.8 allows attackers to access sensitive information regarding the server. | ||||
| CVE-2024-5474 | 1 Lenovo | 2 Dolby Vision Provisioning, Dolby Vision Provisioning Software | 2024-11-15 | 5.5 Medium |
| A potential information disclosure vulnerability was reported in Lenovo's packaging of Dolby Vision Provisioning software prior to version 2.0.0.2 that could allow a local attacker to read files on the system with elevated privileges during installation of the package. Previously installed versions are not affected by this issue. | ||||
| CVE-2024-25647 | 1 Intel Binary Configuration Tool Software For Windows | 1 Intel Binary Configuration Tool Software For Windows | 2024-11-15 | 6.7 Medium |
| Incorrect default permissions for some Intel(R) Binary Configuration Tool software for Windows before version 3.4.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-21820 | 1 Intel | 4 3rd Generation Intel Xeon Scalable Processor Family, 4th Generation Intel Xeon Processor Scalable Family, 5th Generation Intel Xeon Processor Scalable Family and 1 more | 2024-11-15 | 7.2 High |
| Incorrect default permissions in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-29083 | 1 Intel | 1 Distribution For Python | 2024-11-15 | 6.7 Medium |
| Incorrect default permissions in some Intel(R) Distribution for Python software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-42188 | 2024-11-15 | 3.7 Low | ||
| HCL Connections is vulnerable to a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios. | ||||
| CVE-2024-49504 | 1 Suse | 1 Opensuse Tumbleweed | 2024-11-13 | 8.4 High |
| grub2 allowed attackers with access to the grub shell to access files on the encrypted disks. | ||||
| CVE-2024-34679 | 1 Samsung | 1 Android | 2024-11-12 | 4 Medium |
| Incorrect default permissions in Crane prior to SMR Nov-2024 Release 1 allows local attackers to access files with phone privilege. | ||||
| CVE-2024-47593 | 1 Sap Se | 1 Sap Netweaver And Abap Platform | 2024-11-12 | 4.3 Medium |
| SAP NetWeaver Application Server ABAP allows an unauthenticated attacker with network access to read files from the server, which otherwise would be restricted.This attack is possible only if a Web Dispatcher or some sort of Proxy Server is in use and the file in question was previously opened or downloaded in an application based on SAP GUI for HTML Technology. This will not compromise the application's integrity or availability. | ||||