Index
Bugtraq
Pełna lista
Błędy
Sztuczki
Exploity
Dorks list
Tylko z CVE
Tylko z CWE
Bogus
Ranking
CVEMAP
Świeża lista CVE
Producenci
Produkty
Słownik CWE
Sprawdź nr. CVE
Sprawdź nr. CWE
Szukaj
W Bugtraq
W bazie CVE
Po autorze
Po nr. CVE
Po nr. CWE
Po producencie
Po produkcie
RSS
Bugtraq
CVEMAP
CVE Produkty
Tylko Błędy
Tylko Exploity
Tylko Dorks
Więcej
cIFrex
Facebook
Twitter
Donate
O bazie
Lang
Polish
English
Submit
CWE
:
Tytuł
Data
Autor
Med.
Trend Micro ServerProtect Disclosure / CSRF / XSS
26.05.2017
Multiple
Med.
Cisco Firepower Threat Management Console Local File Inclusion
06.10.2016
Matt Bergin
High
PLANET IP LFI / CSRF / XSS / Authentication Bypass
17.05.2016
Orwelllabs
High
Arris DG1670A Cable Modem Remote Command Execution
14.02.2016
Matt Bergin
Med.
SAP Business Objects Unauthorized File Repository Server Read
26.02.2015
Onapsis
Med.
SAP Business Objects Unauthorized File Repository Server Write
26.02.2015
Onapsis
Common Weakness Enumeration (CWE)
CVE
Szczegóły
Opis
2024-10-16
CVE-2024-22029
Updating...
Insecure permissions in the packaging of tomcat allow local users that win a race during package installation to escalate to root
2024-10-08
CVE-2024-38029
Updating...
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-43581
Updating...
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
CVE-2024-43615
Updating...
Microsoft OpenSSH for Windows Remote Code Execution Vulnerability
2024-09-27
CVE-2024-9275
Updating...
A vulnerability was found in jeanmarc77 123solar up to 1.8.4.5. It has been rated as critical. This issue affects some unknown processing of the file /admin/admin_invt2.php. The manipulation of the argument PROTOCOLx leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
2024-09-25
CVE-2024-9142
Updating...
External Control of File Name or Path, : Incorrect Permission Assignment for Critical Resource vulnerability in Olgu Computer Systems e-Belediye allows Manipulating Web Input to File System Calls.This issue affects e-Belediye: before 2.0.642.
2024-09-11
CVE-2024-7626
Updating...
The WP Delicious �?? Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress is vulnerable to arbitrary file movement and reading due to insufficient file path validation in the save_edit_profile_details() function in all versions up to, and including, 1.6.9. This makes it possible for authenticated attackers, with subscriber-level access and above, to move arbitrary files on the server, which can easily lead to remote code execution when the right file is moved (such as wp-config.php). This can also lead to the reading of arbitrary files that may contain sensitive information like wp-config.php.
2024-09-10
CVE-2024-41171
Updating...
A vulnerability has been identified in SINUMERIK 828D V4 (All versions), SINUMERIK 828D V5 (All versions < V5.24), SINUMERIK 840D sl V4 (All versions), SINUMERIK ONE (All versions < V6.24). Affected devices do not properly enforce access restrictions to scripts that are regularly executed by the system with elevated privileges. This could allow an authenticated local attacker to escalate their privileges in the underlying system.
2024-08-26
CVE-2023-49582
Updating...
Lax permissions set by the Apache Portable Runtime library on Unix platforms would allow local users read access to named shared memory segments, potentially revealing sensitive application data. This issue does not affect non-Unix platforms, or builds with APR_USE_SHMEM_SHMGET=1 (apr.h) Users are recommended to upgrade to APR version 1.7.5, which fixes this issue.
2024-08-24
CVE-2022-43915
Updating...
IBM App Connect Enterprise Certified Container 5.0, 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, and 12.1 does not limit calls to unshare in running Pods. This can allow a user with access to execute commands in a running Pod to elevate their user privileges.
Copyright
2024
, cxsecurity.com
Back to Top
Polish
English