Total
312 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-49932 | 2024-11-21 | 5.4 Medium | ||
| An issue was discovered in Couchbase Server before 7.2.4. An attacker can bypass SQL++ N1QL cURL host restrictions. | ||||
| CVE-2023-48240 | 1 Xwiki | 1 Xwiki | 2024-11-21 | 9.1 Critical |
| XWiki Platform is a generic wiki platform. The rendered diff in XWiki embeds images to be able to compare the contents and not display a difference for an actually unchanged image. For this, XWiki requests all embedded images on the server side. These requests are also sent for images from other domains and include all cookies that were sent in the original request to ensure that images with restricted view right can be compared. Starting in version 11.10.1 and prior to versions 14.10.15, 15.5.1, and 15.6, this allows an attacker to steal login and session cookies that allow impersonating the current user who views the diff. The attack can be triggered with an image that references the rendered diff, thus making it easy to trigger. Apart from stealing login cookies, this also allows server-side request forgery (the result of any successful request is returned in the image's source) and viewing protected content as once a resource is cached, it is returned for all users. As only successful requests are cached, the cache will be filled by the first user who is allowed to access the resource. This has been patched in XWiki 14.10.15, 15.5.1 and 15.6. The rendered diff now only downloads images from trusted domains. Further, cookies are only sent when the image's domain is the same the requested domain. The cache has been changed to be specific for each user. As a workaround, the image embedding feature can be disabled by deleting `xwiki-platform-diff-xml-<version>.jar` in `WEB-INF/lib/`. | ||||
| CVE-2023-47463 | 1 Gl-inet | 2 Gl-ax1800, Gl-ax1800 Firmware | 2024-11-21 | 9.8 Critical |
| Insecure Permissions vulnerability in GL.iNet AX1800 version 4.0.0 before 4.5.0 allows a remote attacker to execute arbitrary code via a crafted script to the gl_nas_sys authentication function. | ||||
| CVE-2023-45807 | 1 Amazon | 1 Opensearch | 2024-11-21 | 5.4 Medium |
| OpenSearch is a community-driven, open source fork of Elasticsearch and Kibana following the license change in early 2021. There is an issue with the implementation of tenant permissions in OpenSearch Dashboards where authenticated users with read-only access to a tenant can perform create, edit and delete operations on index metadata of dashboards and visualizations in that tenant, potentially rendering them unavailable. This issue does not affect index data, only metadata. Dashboards correctly enforces read-only permissions when indexing and updating documents. This issue does not provide additional read access to data users don’t already have. This issue can be mitigated by disabling the tenants functionality for the cluster. Versions 1.3.14 and 2.11.0 contain a fix for this issue. | ||||
| CVE-2023-43612 | 1 Openatom | 1 Openharmony | 2024-11-21 | 8.4 High |
| in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions. | ||||
| CVE-2023-41939 | 1 Jenkins | 1 Ssh2 Easy | 2024-11-21 | 8.8 High |
| Jenkins SSH2 Easy Plugin 1.4 and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted (typically optional permissions, like Overall/Manage) to access functionality they're no longer entitled to. | ||||
| CVE-2023-39902 | 1 Nxp | 5 I.mx 8m, I.mx 8m Mini, I.mx 8m Nano and 2 more | 2024-11-21 | 7 High |
| A software vulnerability has been identified in the U-Boot Secondary Program Loader (SPL) before 2023.07 on select NXP i.MX 8M family processors. Under certain conditions, a crafted Flattened Image Tree (FIT) format structure can be used to overwrite SPL memory, allowing unauthenticated software to execute on the target, leading to privilege escalation. This affects i.MX 8M, i.MX 8M Mini, i.MX 8M Nano, and i.MX 8M Plus. | ||||
| CVE-2023-35938 | 1 Enalean | 1 Tuleap | 2024-11-21 | 4.1 Medium |
| Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. When switching from a project visibility that allows restricted users to `Private without restricted`, restricted users that are project administrators keep this access right. Restricted users that were project administrators before the visibility switch keep the possibility to access the project and do some administration actions. This issue has been resolved in Tuleap version 14.9.99.63. Users are advised to upgrade. There are no known workarounds for this issue. | ||||
| CVE-2023-34034 | 2 Redhat, Vmware | 2 Jboss Fuse, Spring Security | 2024-11-21 | 9.1 Critical |
| Using "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern matching between Spring Security and Spring WebFlux, and the potential for a security bypass. | ||||
| CVE-2023-30735 | 1 Samsung | 1 Sassistant | 2024-11-21 | 5.1 Medium |
| Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access backup data in SAssistant. | ||||
| CVE-2023-2993 | 1 Lenovo | 16 Nextscale N1200 Enclosure, Nextscale N1200 Enclosure Firmware, Thinkagile Cp-cb-10 and 13 more | 2024-11-21 | 5.4 Medium |
| A valid, authenticated user with limited privileges may be able to use specifically crafted web management server API calls to execute a limited number of commands on SMM v1, SMM v2, and FPC that the user does not normally have sufficient privileges to execute. | ||||
| CVE-2023-2818 | 1 Proofpoint | 1 Insider Threat Management | 2024-11-21 | 5.5 Medium |
| An insecure filesystem permission in the Insider Threat Management Agent for Windows enables local unprivileged users to disrupt agent monitoring. All versions prior to 7.14.3 are affected. Agents for MacOS and Linux and Cloud are unaffected. | ||||
| CVE-2023-21464 | 2 Google, Samsung | 2 Android, Calendar | 2024-11-21 | 4 Medium |
| Improper access control in Samsung Calendar prior to versions 12.4.02.9000 in Android 13 and 12.3.08.2000 in Android 12 allows local attacker to configure improper status. | ||||
| CVE-2023-21249 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In multiple functions of OneTimePermissionUserManager.java, there is a possible one-time permission retention due to a permissions bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-1386 | 3 Fedoraproject, Qemu, Redhat | 4 Fedora, Qemu, Advanced Virtualization and 1 more | 2024-11-21 | 3.3 Low |
| A flaw was found in the 9p passthrough filesystem (9pfs) implementation in QEMU. When a local user in the guest writes an executable file with SUID or SGID, none of these privileged bits are correctly dropped. As a result, in rare circumstances, this flaw could be used by malicious users in the guest to elevate their privileges within the guest and help a host local user to elevate privileges on the host. | ||||
| CVE-2022-4326 | 2 Microsoft, Trellix | 2 Windows, Endpoint Security | 2024-11-21 | 5.5 Medium |
| Improper preservation of permissions vulnerability in Trellix Endpoint Agent (xAgent) prior to V35.31.22 on Windows allows a local user with administrator privileges to bypass the product protection to uninstall the agent via incorrectly applied permissions in the removal protection functionality. | ||||
| CVE-2022-4139 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 7.8 High |
| An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system. | ||||
| CVE-2022-48301 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| The bundle management module lacks permission verification in some APIs. Successful exploitation of this vulnerability may restore the pre-installed apps that have been uninstalled. | ||||
| CVE-2022-48296 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 5.3 Medium |
| The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerability may cause users to receive broadcasts from malicious apps, conveying false alarm information about external storage devices. | ||||
| CVE-2022-48295 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulnerability can lead to filling problems (batch installation of applications). | ||||