Total
1333 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-32992 | 1 Jenkins | 1 Saml Single Sign On | 2024-08-02 | 8.8 High |
Missing permission checks in Jenkins SAML Single Sign On(SSO) Plugin 2.0.2 and earlier allow attackers with Overall/Read permission to send an HTTP request to an attacker-specified URL and parse the response as XML, or parse a local file on the Jenkins controller as XML. | ||||
CVE-2023-32979 | 2 Jenkins, Redhat | 2 Email Extension, Openshift | 2024-08-02 | 4.3 Medium |
Jenkins Email Extension Plugin does not perform a permission check in a method implementing form validation, allowing attackers with Overall/Read permission to check for the existence of files in the email-templates/ directory in the Jenkins home directory on the controller file system. | ||||
CVE-2023-32990 | 1 Jenkins | 1 Azure Vm Agents | 2024-08-02 | 6.5 Medium |
A missing permission check in Jenkins Azure VM Agents Plugin 852.v8d35f0960a_43 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified Azure Cloud server using attacker-specified credentials IDs obtained through another method. | ||||
CVE-2023-32303 | 1 Planet | 1 Planet | 2024-08-02 | 5.2 Medium |
Planet is software that provides satellite data. The secret file stores the user's Planet API authentication information. It should only be accessible by the user, but before version 2.0.1, its permissions allowed the user's group and non-group to read the file as well. This issue was patched in version 2.0.1. As a workaround, set the secret file permissions to only user read/write by hand. | ||||
CVE-2023-32162 | 2 Microsoft, Wacom | 2 Windows, Driver | 2024-08-02 | 7.8 High |
Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the WacomInstallI.txt file by the PrefUtil.exe utility. The issue results from incorrect permissions on the WacomInstallI.txt file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16318. | ||||
CVE-2023-32005 | 1 Nodejs | 1 Node.js | 2024-08-02 | 5.3 Medium |
A vulnerability has been identified in Node.js version 20, affecting users of the experimental permission model when the --allow-fs-read flag is used with a non-* argument. This flaw arises from an inadequate permission model that fails to restrict file stats through the `fs.statfs` API. As a result, malicious actors can retrieve stats from files that they do not have explicit read access to. This vulnerability affects all users using the experimental permission model in Node.js 20. Please note that at the time this CVE was issued, the permission model is an experimental feature of Node.js. | ||||
CVE-2023-31874 | 1 Yank-note | 1 Yank Note | 2024-08-02 | 8.8 High |
Yank Note (YN) 3.52.1 allows execution of arbitrary code when a crafted file is opened, e.g., via nodeRequire('child_process'). | ||||
CVE-2023-31748 | 1 Wondershare | 1 Mobiletrans | 2024-08-02 | 7.8 High |
Insecure permissions in MobileTrans v4.0.11 allows attackers to escalate privileges to local admin via replacing the executable file. | ||||
CVE-2023-31453 | 1 Apache | 1 Inlong | 2024-08-02 | 7.5 High |
Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can delete others' subscriptions, even if they are not the owner of the deleted subscription. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it. [1] https://github.com/apache/inlong/pull/7949 https://github.com/apache/inlong/pull/7949 | ||||
CVE-2023-31454 | 1 Apache | 1 Inlong | 2024-08-02 | 7.5 High |
Incorrect Permission Assignment for Critical Resource Vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.2.0 through 1.6.0. The attacker can bind any cluster, even if he is not the cluster owner. Users are advised to upgrade to Apache InLong's 1.7.0 or cherry-pick [1] to solve it.[1] https://github.com/apache/inlong/pull/7947 https://github.com/apache/inlong/pull/7947 | ||||
CVE-2023-31445 | 1 Cassianetworks | 1 Access Controller | 2024-08-02 | 5.3 Medium |
Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users. | ||||
CVE-2023-31238 | 1 Siemens | 2 Q200, Q200 Firmware | 2024-08-02 | 5.5 Medium |
A vulnerability has been identified in POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60), POWER METER SICAM Q100 (All versions < V2.60). Affected devices are missing cookie protection flags when using the default settings. An attacker who gains access to a session token can use it to impersonate a legitimate application user. | ||||
CVE-2023-31142 | 1 Discourse | 1 Discourse | 2024-08-02 | 2 Low |
Discourse is an open source discussion platform. Prior to version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches, if a site has modified their general category permissions, they could be set back to the default. This issue is patched in version 3.0.4 of the `stable` branch and version 3.1.0.beta5 of the `beta` and `tests-passed` branches. A workaround, only if you are modifying the general category permissions, is to use a new category for the same purpose. | ||||
CVE-2023-30897 | 1 Siemens | 1 Wincc | 2024-08-02 | 7.8 High |
A vulnerability has been identified in SIMATIC WinCC (All versions < V7.5.2.13). Affected applications fail to set proper access rights for their installation folder if a non-default installation path was chosen during installation. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges. | ||||
CVE-2023-30606 | 1 Discourse | 1 Discourse | 2024-08-02 | 4.2 Medium |
Discourse is an open source platform for community discussion. In affected versions a user logged as an administrator can call arbitrary methods on the `SiteSetting` class, notably `#clear_cache!` and `#notify_changed!`, which when done on a multisite instance, can affect the entire cluster resulting in a denial of service. Users not running in multisite environments are not affected. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
CVE-2023-30512 | 1 Linuxfoundation | 1 Cubefs | 2024-08-02 | 6.5 Medium |
CubeFS through 3.2.1 allows Kubernetes cluster-level privilege escalation. This occurs because DaemonSet has cfs-csi-cluster-role and can thus list all secrets, including the admin secret. | ||||
CVE-2023-30399 | 1 Garo | 6 Wallbox Glb, Wallbox Glb Firmware, Wallbox Gtb and 3 more | 2024-08-02 | 8.1 High |
Insecure permissions in the settings page of GARO Wallbox GLB/GTB/GTC before v189 allows attackers to redirect users to a crafted update package link via a man-in-the-middle attack. | ||||
CVE-2023-29860 | 1 Dtstack | 1 Taier | 2024-08-02 | 7.5 High |
An insecure permissions in /Taier/API/tenant/listTenant interface in DTStack Taier 1.3.0 allows attackers to view sensitive information via the getCookie method. | ||||
CVE-2023-29065 | 2 Bd, Hp | 3 Facschorus, Hp Z2 Tower G5, Hp Z2 Tower G9 | 2024-08-02 | 4.1 Medium |
The FACSChorus software database can be accessed directly with the privileges of the currently logged-in user. A threat actor with physical access could potentially gain credentials, which could be used to alter or destroy data stored in the database. | ||||
CVE-2023-28960 | 1 Juniper | 1 Junos Os Evolved | 2024-08-02 | 8.2 High |
An Incorrect Permission Assignment for Critical Resource vulnerability in Juniper Networks Junos OS Evolved allows a local, authenticated low-privileged attacker to copy potentially malicious files into an existing Docker container on the local system. A follow-on administrator could then inadvertently start the Docker container leading to the malicious files being executed as root. This issue only affects systems with Docker configured and enabled, which is not enabled by default. Systems without Docker started are not vulnerable to this issue. This issue affects Juniper Networks Junos OS Evolved: 20.4 versions prior to 20.4R3-S5-EVO; 21.2 versions prior to 21.2R3-EVO; 21.3 versions prior to 21.3R3-EVO; 21.4 versions prior to 21.4R2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 19.2R1-EVO. |