Exposure of Resource to Wrong Sphere

The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

CVEs (717)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2016-11008 1Usabilitydynamics 1Wp Invoice Nov 21, 2024 Sep 20, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_paypal payer metadata updates.
CVE-2016-11007 1Usabilitydynamics 1Wp Invoice Nov 21, 2024 Sep 20, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control over wpi_user_id for invoice retrieval.
CVE-2016-11006 1Usabilitydynamics 1Wp Invoice Nov 21, 2024 Sep 20, 2019 N/A· v4 5.3 MEDIUM· v3 5.0 MEDIUM· v2 The wp-invoice plugin before 4.1.1 for WordPress has incorrect access control for admin_init settings changes.
CVE-2018-20947 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).
CVE-2016-10840 1Cpanel 1Cpanel Nov 21, 2024 Aug 1, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 cPanel before 11.54.0.4 allows arbitrary code execution during locale duplication (SEC-72).
CVE-2019-10365 1Google 1Kubernetes Engine Nov 21, 2024 Jul 31, 2019 N/A· v4 4.3 MEDIUM· v3 4.0 MEDIUM· v2 Jenkins Google Kubernetes Engine Plugin 0.6.2 and earlier created a temporary file containing a temporary access token in the project workspace, where it could be accessed by users with Job/Read permission.
CVE-2019-11728 2Mozilla Opensuse 2Firefox Leap Nov 21, 2024 Jul 23, 2019 N/A· v4 4.7 MEDIUM· v3 4.3 MEDIUM· v2 The HTTP Alternative Services header, Alt-Svc, can be used by a malicious site to scan all TCP ports of any host that the accessible to a user when web content is loaded. This vulnerability affects Firefox < 68.
CVE-2019-3970 1Comodo 1Antivirus Nov 21, 2024 Jul 17, 2019 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global sectio...Show more Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data directly and change virus signatures.Show less
CVE-2019-13379 1Avtech 1Room Alert 3e Firmware Nov 21, 2024 Jul 7, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=R...Show more On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=RA reset and using the default credentials to get in.Show less
CVE-2019-9186 1Jetbrains 1Intellij Idea Nov 21, 2024 Jul 3, 2019 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interf...Show more In several JetBrains IntelliJ IDEA versions, a Spring Boot run configuration with the default setting allowed remote attackers to execute code when the configuration is running, because a JMX server listens on all interfaces (instead of listening on only the localhost interface). This issue has been fixed in the following versions: 2019.1, 2018.3.4, 2018.2.8, 2018.1.8, and 2017.3.7.Show less
CVE-2019-3569 1Facebook 1Hhvm Nov 21, 2024 Jun 26, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual unintended direct access to the application, which could result in information disclosure....Show more HHVM, when used with FastCGI, would bind by default to all available interfaces. This behavior could allow a malicious individual unintended direct access to the application, which could result in information disclosure. This issue affects versions 4.3.0, 4.4.0, 4.5.0, 4.6.0, 4.7.0, 4.8.0, versions 3.30.5 and below, and all versions in the 4.0, 4.1, and 4.2 series.Show less
CVE-2019-12929 1Qemu 1Qemu Nov 21, 2024 Jun 24, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to...Show more The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issueShow less
CVE-2019-12928 1Qemu 1Qemu Nov 21, 2024 Jun 24, 2019 N/A· v4 9.8 CRITICAL· v3 10.0 HIGH· v2 The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information disclosure by sending a craft...Show more The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issueShow less
CVE-2019-1848 1Cisco 1Digital Network Architecture Center Nov 21, 2024 Jun 20, 2019 N/A· v4 9.3 CRITICAL· v3 4.8 MEDIUM· v2 A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficien...Show more A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, adjacent attacker to bypass authentication and access critical internal services. The vulnerability is due to insufficient access restriction to ports necessary for system operation. An attacker could exploit this vulnerability by connecting an unauthorized network device to the subnet designated for cluster services. A successful exploit could allow an attacker to reach internal services that are not hardened for external access.Show less
CVE-2019-12904 2Gnupg Opensuse 2Leap Libgcrypt Nov 21, 2024 Jun 20, 2019 N/A· v4 5.9 MEDIUM· v3 4.3 MEDIUM· v2 In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an ass...Show more In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.) NOTE: the vendor's position is that the issue report cannot be validated because there is no description of an attackShow less
CVE-2019-12875 1Alpinelinux 1Abuild Nov 21, 2024 Jun 18, 2019 N/A· v4 6.5 MEDIUM· v3 4.0 MEDIUM· v2 Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key.
CVE-2019-12274 1Suse 1Rancher Nov 21, 2024 Jun 6, 2019 N/A· v4 8.8 HIGH· v3 4.0 MEDIUM· v2 In Rancher 1 and 2 through 2.2.3, unprivileged users (if allowed to deploy nodes) can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. T...Show more In Rancher 1 and 2 through 2.2.3, unprivileged users (if allowed to deploy nodes) can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a sensitive file such as /root/.kube/config or /var/lib/rancher/management-state/cred/kubeconfig-system.yaml.Show less
CVE-2018-4048 1Gog 1Galaxy Nov 21, 2024 May 30, 2019 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Deskto...Show more An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SYSTEM privileges.Show less
CVE-2018-7846 1Schneider Electric 4Modicon M340 Firmware Modicon M580 FirmwareModicon Premium Firmware+1 more Nov 21, 2024 May 22, 2019 N/A· v4 9.8 CRITICAL· v3 5.0 MEDIUM· v2 A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by con...Show more A CWE-501: Trust Boundary Violation vulnerability on connection to the Controller exists in all versions of the Modicon M580, Modicon M340, Modicon Quantum and Modicon Premium which could cause unauthorized access by conducting a brute force attack on Modbus protocol to the controller.Show less
CVE-2018-20321 1Suse 1Rancher Nov 21, 2024 Apr 10, 2019 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged...Show more An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged commands against the k8s cluster. This could be mitigated by isolating the default namespace in a separate project, where only cluster admins can be given permissions to access. As of 2018-12-20, this bug affected ALL clusters created or imported by Rancher.Show less

Previous 1...323334 35 36 Next