Vulnerabilities (CVE)

Filtered by CWE-863
Total 1603 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3469 1 Theforeman 1 Foreman 2024-02-28 3.5 LOW 5.4 MEDIUM
Foreman versions before 2.3.4 and before 2.4.0 is affected by an improper authorization handling flaw. An authenticated attacker can impersonate the foreman-proxy if product enable the Puppet Certificate authority (CA) to sign certificate requests that have subject alternative names (SANs). Foreman do not enable SANs by default and `allow-authorization-extensions` is set to `false` unless user change `/etc/puppetlabs/puppetserver/conf.d/ca.conf` configuration explicitly.
CVE-2021-23015 1 F5 14 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Advanced Web Application Firewall and 11 more 2024-02-28 6.5 MEDIUM 7.2 HIGH
On BIG-IP 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.0.8 through 13.1.3.6, and all versions of 16.0.x, when running in Appliance Mode, an authenticated user assigned the 'Administrator' role may be able to bypass Appliance Mode restrictions utilizing undisclosed iControl REST endpoints. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2010-1435 1 Joomla 1 Joomla\! 2024-02-28 7.5 HIGH 9.8 CRITICAL
Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector. Joomla! Core versions 1.5.x ranging from 1.5.0 and up to and including 1.5.15 are vulnerable.
CVE-2021-28825 2 Microsoft, Tibco 2 Windows, Messaging - Eclipse Mosquitto Distribution - Core 2024-02-28 7.2 HIGH 7.8 HIGH
The Windows Installation component of TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Community Edition and TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Enterprise Edition contains a vulnerability that theoretically allows a low privileged attacker with local access on some versions of the Windows operating system to insert malicious software. The affected component can be abused to execute the malicious software inserted by the attacker with the elevated privileges of the component. This vulnerability results from a lack of access restrictions on certain files and/or folders in the installation. Affected releases are TIBCO Software Inc.'s TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Community Edition: versions 1.3.0 and below and TIBCO Messaging - Eclipse Mosquitto Distribution - Core - Enterprise Edition: versions 1.3.0 and below.
CVE-2020-25564 1 Sapphireims 1 Sapphireims 2024-02-28 6.5 MEDIUM 8.8 HIGH
In SapphireIMS 5.0, it is possible to create local administrator on any client with credentials of a non-privileged user by directly accessing RemoteMgmtTaskSave (Automation Tasks) feature.
CVE-2021-36758 1 1password 1 Connect 2024-02-28 5.5 MEDIUM 5.4 MEDIUM
1Password Connect server before 1.2 is missing validation checks, permitting users to create Secrets Automation access tokens that can be used to perform privilege escalation. Malicious users authorized to create Secrets Automation access tokens can create tokens that have access beyond what the user is authorized to access, but limited to the existing authorizations of the Secret Automation the token is created in.
CVE-2021-3493 1 Canonical 1 Ubuntu Linux 2024-02-28 7.2 HIGH 7.8 HIGH
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
CVE-2021-24278 1 Querysol 1 Redirection For Contact Form 7 2024-02-28 5.0 MEDIUM 7.5 HIGH
In the Redirection for Contact Form 7 WordPress plugin before 2.3.4, unauthenticated users can use the wpcf7r_get_nonce AJAX action to retrieve a valid nonce for any WordPress action/function.
CVE-2021-39138 1 Parseplatform 1 Parse-server 2024-02-28 6.4 MEDIUM 6.5 MEDIUM
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Developers can use the REST API to signup users and also allow users to login anonymously. Prior to version 4.5.1, when an anonymous user is first signed up using REST, the server creates session incorrectly. Particularly, the `authProvider` field in `_Session` class under `createdWith` shows the user logged in creating a password. If a developer later depends on the `createdWith` field to provide a different level of access between a password user and anonymous user, the server incorrectly classified the session type as being created with a `password`. The server does not currently use `createdWith` to make decisions about internal functions, so if a developer is not using `createdWith` directly, they are not affected. The vulnerability only affects users who depend on `createdWith` by using it directly. The issue is patched in Parse Server version 4.5.1. As a workaround, do not use the `createdWith` Session field to make decisions if one allows anonymous login.
CVE-2020-26560 1 Bluetooth 1 Mesh Profile 2024-02-28 4.8 MEDIUM 8.1 HIGH
Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2021-22211 1 Gitlab 1 Gitlab 2024-02-28 3.5 LOW 4.3 MEDIUM
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7. GitLab Dependency Proxy, under certain circumstances, can impersonate a user resulting in possibly incorrect access handling.
CVE-2021-30925 1 Apple 4 Ipados, Iphone Os, Macos and 1 more 2024-02-28 6.4 MEDIUM 9.1 CRITICAL
The issue was addressed with improved permissions logic. This issue is fixed in watchOS 8, macOS Big Sur 11.6, iOS 15 and iPadOS 15. A malicious application may be able to bypass Privacy preferences.
CVE-2021-1539 1 Cisco 5 Asr 5000, Asr 5500, Asr 5700 and 2 more 2024-02-28 6.5 MEDIUM 8.8 HIGH
Multiple vulnerabilities in the authorization process of Cisco ASR 5000 Series Software (StarOS) could allow an authenticated, remote attacker to bypass authorization and execute a subset of CLI commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
CVE-2021-35949 1 Owncloud 1 Owncloud 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
The shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permission checks for upload only shares and list metadata about the share.
CVE-2021-31876 1 Bitcoin 1 Bitcoin 2024-02-28 6.4 MEDIUM 6.5 MEDIUM
Bitcoin Core 0.12.0 through 0.21.1 does not properly implement the replacement policy specified in BIP125, which makes it easier for attackers to trigger a loss of funds, or a denial of service attack against downstream projects such as Lightning network nodes. An unconfirmed child transaction with nSequence = 0xff_ff_ff_ff, spending an unconfirmed parent with nSequence <= 0xff_ff_ff_fd, should be replaceable because there is inherited signaling by the child transaction. However, the actual PreChecks implementation does not enforce this. Instead, mempool rejects the replacement attempt of the unconfirmed child transaction.
CVE-2021-0571 1 Google 1 Android 2024-02-28 4.6 MEDIUM 7.8 HIGH
In ActivityTaskManagerService.startActivity() and AppTaskImpl.startActivity() of ActivityTaskManagerService.java and AppTaskImpl.java, there is possible access to restricted activities due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-137395936
CVE-2021-20429 1 Ibm 1 Qradar User Behavior Analytics 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
IBM QRadar User Behavior Analytics 1.0.0 through 4.1.0 could disclose sensitive information due an overly permissive cross-domain policy. IBM X-Force ID: 196334.
CVE-2021-25410 1 Google 1 Android 2024-02-28 3.6 LOW 7.1 HIGH
Improper access control of a component in CallBGProvider prior to SMR JUN-2021 Release 1 allows local attackers to access arbitrary files with an escalated privilege.
CVE-2021-24244 1 Wpbakery Page Builder Clipboard Project 1 Wpbakery Page Builder Clipboard 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
An AJAX action registered by the WPBakery Page Builder (Visual Composer) Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options (key, email).
CVE-2020-27901 1 Apple 1 Macos 2024-02-28 4.3 MEDIUM 6.3 MEDIUM
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. A sandboxed process may be able to circumvent sandbox restrictions.