Vulnerabilities (CVE)

Filtered by CWE-863
Total 1609 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-10925 3 Canonical, Debian, Postgresql 3 Ubuntu Linux, Debian Linux, Postgresql 2024-02-28 5.5 MEDIUM 8.1 HIGH
It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with "INSERT ... ON CONFLICT DO UPDATE". An attacker with "CREATE TABLE" privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain "INSERT" and limited "UPDATE" privileges to a particular table, they could exploit this to update other columns in the same table.
CVE-2018-1250 1 Dell 3 Emc Unity, Emc Unity Firmware, Emc Unityvsa 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass vulnerability. A remote authenticated user could potentially exploit this vulnerability to read files in NAS server by directly interacting with certain APIs of Unity OE, bypassing Role-Based Authorization control implemented only in Unisphere GUI.
CVE-2018-16597 3 Linux, Netapp, Opensuse 4 Linux Kernel, Active Iq Performance Analytics Services, Element Software and 1 more 2024-02-28 4.9 MEDIUM 5.5 MEDIUM
An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
CVE-2018-1999004 2 Jenkins, Oracle 2 Jenkins, Communications Cloud Native Core Automated Test Suite 2024-02-28 4.0 MEDIUM 4.3 MEDIUM
A Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in SlaveComputer.java that allows attackers with Overall/Read permission to initiate agent launches, and abort in-progress agent launches.
CVE-2018-12369 2 Canonical, Mozilla 3 Ubuntu Linux, Firefox, Firefox Esr 2024-02-28 7.5 HIGH 9.8 CRITICAL
WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR < 60.1 and Firefox < 61.
CVE-2018-1000412 1 Jenkins 1 Jira 2024-02-28 4.0 MEDIUM 8.8 HIGH
An improper authorization vulnerability exists in Jenkins Jira Plugin 3.0.1 and earlier in JiraSite.java that allows attackers with Overall/Read access to have Jenkins connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.
CVE-2018-15468 1 Xen 1 Xen 2024-02-28 4.9 MEDIUM 6.0 MEDIUM
An issue was discovered in Xen through 4.11.x. The DEBUGCTL MSR contains several debugging features, some of which virtualise cleanly, but some do not. In particular, Branch Trace Store is not virtualised by the processor, and software has to be careful to configure it suitably not to lock up the core. As a result, it must only be available to fully trusted guests. Unfortunately, in the case that vPMU is disabled, all value checking was skipped, allowing the guest to choose any MSR_DEBUGCTL setting it likes. A malicious or buggy guest administrator (on Intel x86 HVM or PVH) can lock up the entire host, causing a Denial of Service.
CVE-2018-2494 1 Sap 1 Business Application Software Integrated Solution 2024-02-28 6.5 MEDIUM 8.0 HIGH
Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform.
CVE-2018-14666 1 Redhat 1 Satellite 2024-02-28 6.5 MEDIUM 7.2 HIGH
An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can use it to change configuration of any host registered in Red Hat Satellite, independent of the organization the host belongs to. This flaw affects all Red Hat Satellite 6 versions.
CVE-2018-0459 1 Cisco 1 Network Functions Virtualization Infrastructure 2024-02-28 6.8 MEDIUM 6.5 MEDIUM
A vulnerability in the web-based management interface of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to cause an affected system to reboot or shut down. The vulnerability is due to insufficient server-side authorization checks. An attacker who is logged in to the web-based management interface as a low-privileged user could exploit this vulnerability by sending a crafted HTTP request. A successful exploit could allow the attacker to use the low-privileged user account to reboot or shut down the affected system.
CVE-2018-1999047 1 Jenkins 1 Jenkins 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
A improper authorization vulnerability exists in Jenkins 2.137 and earlier, 2.121.2 and earlier in UpdateCenter.java that allows attackers to cancel a Jenkins restart scheduled through the update center.
CVE-2018-18397 3 Canonical, Linux, Redhat 10 Ubuntu Linux, Linux Kernel, Enterprise Linux Desktop and 7 more 2024-02-28 2.1 LOW 5.5 MEDIUM
The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.
CVE-2018-15405 1 Cisco 1 Ucs Director 2024-02-28 4.0 MEDIUM 6.5 MEDIUM
A vulnerability in the web interface for specific feature sets of Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director could allow an authenticated, remote attacker to access sensitive information. The vulnerability is due to an authorization check that does not properly include the access level of the web interface user. An attacker who has valid application credentials could exploit this vulnerability by sending a crafted HTTP request to the web interface. A successful exploit could allow the attacker to view sensitive information that belongs to other users. The attacker could then use this information to conduct additional reconnaissance attacks.
CVE-2018-15774 1 Dell 3 Idrac7 Firmware, Idrac8 Firmware, Idrac9 Firmware 2024-02-28 6.5 MEDIUM 8.8 HIGH
Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability. An authenticated malicious iDRAC user with operator privileges could potentially exploit a permissions check flaw in the Redfish interface to gain administrator access.
CVE-2018-13356 1 Terra-master 1 Terramaster Operating System 2024-02-28 9.0 HIGH 8.8 HIGH
Incorrect access control on ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to elevate user permissions.
CVE-2018-7366 1 Zte 2 Zxv10 B860av2.1 Chinamobile, Zxv10 B860av2.1 Chinamobile Firmware 2024-02-28 4.6 MEDIUM 6.8 MEDIUM
ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV versions up to V1.2.2, the WASU versions up to V1.1.7 and the MGTV versions up to V1.4.6 have an authentication bypass vulnerability, which may allows an unauthorized user to perform unauthorized operations.
CVE-2018-7363 1 Zte 2 Zxhn F670, Zxhn F670 Firmware 2024-02-28 3.3 LOW 8.8 HIGH
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by improper authorization vulnerability. Since appviahttp service has no authorization delay, an attacker can be allowed to brute force account credentials.
CVE-2018-17950 1 Microfocus 1 Edirectory 2024-02-28 5.0 MEDIUM 7.5 HIGH
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2
CVE-2019-7639 2 Fedoraproject, Gsi-openssh Project 2 Fedora, Gsi-openssh 2024-02-28 4.3 MEDIUM 8.1 HIGH
An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file.
CVE-2017-12115 1 Ethereum 1 Cpp-ethereum 2024-02-28 6.8 MEDIUM 8.1 HIGH
An exploitable improper authorization vulnerability exists in miner_setEtherbase API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073768). A JSON request can cause an access to the restricted functionality resulting in authorization bypass.