| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The SOAP API in MantisBT before 1.2.9 does not properly enforce the bugnote_allow_user_edit_delete and delete_bug_threshold permissions, which allows remote authenticated users with read and write SOAP API privileges to delete arbitrary bug reports and bug notes. |
| Newgen OmniDocs allows remote attackers to bypass intended access restrictions via (1) a modified FolderRights parameter to doccab/doclist.jsp, which leads to arbitrary permission changes; or (2) a modified UserIndex parameter to doccab/userprofile/editprofile.jsp, which selects the settings page of an arbitrary user. |
| Apache Struts 2.3.1.2 and earlier, 2.3.19-2.3.23, provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an affected interface, as demonstrated by the SessionAware, RequestAware, ApplicationAware, ServletRequestAware, ServletResponseAware, and ParameterAware interfaces. NOTE: the vendor disputes the significance of this report because of an "easy work-around in existing apps by configuring the interceptor." |
| The Organic Groups (OG) module 6.x-2.x before 6.x-2.3 for Drupal does not properly restrict access, which allows remote attackers to obtain sensitive information such as private group titles via a request through the Views module. |
| The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file. |
| The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 is used, allows guest OS users to cause a denial of service (host OS panic) via an attempted access to a virtual CD-ROM device through the blkback driver. NOTE: some of these details are obtained from third party information. |
| Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer. |
| Google Chrome before 24.0.1312.52 on Linux uses weak permissions for shared memory segments, which has unspecified impact and attack vectors. |
| Google Chrome before 26.0.1410.43 does not properly restrict brute-force access attempts against web sites that require HTTP Basic Authentication, which has unspecified impact and attack vectors. |
| The extension functionality in Google Chrome before 26.0.1410.43 does not verify that use of the permissions API is consistent with file permissions, which has unspecified impact and attack vectors. |
| utils/ecryptfs-recover-private in ecryptfs-utils before 90 does not establish a subdirectory with safe permissions, which might allow local users to bypass intended access restrictions via standard filesystem operations during the recovery process. |
| RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or NON-EXTRACTABLE tag on a secret key object that is stored on a SecurID 800 authenticator, which allows local users to bypass intended access restrictions and read keys via unspecified PKCS#11 API requests. |
| The nsAPI interface in Cisco Cloud Portal 9.1 SP1 and SP2, and 9.3 through 9.3.2, does not properly check privileges, which allows remote authenticated users to obtain sensitive information via a crafted URL, aka Bug ID CSCud81134. |
| The sandbox environment in the Google App Engine Python SDK before 1.5.4 does not properly prevent use of the os module, which allows local users to bypass intended access restrictions and execute arbitrary commands via a file_blob_storage.os reference within the code parameter to _ah/admin/interactive/execute, a different vulnerability than CVE-2011-1364. |
| The time-based ACL implementation on Cisco Adaptive Security Appliances (ASA) devices, and in Cisco Firewall Services Module (FWSM), does not properly handle periodic statements for the time-range command, which allows remote attackers to bypass intended access restrictions by sending network traffic during denied time periods, aka Bug IDs CSCuf79091 and CSCug45850. |
| Cerberus FTP Server before 4.0.3.0 allows remote authenticated users to list hidden files, even when the "Display hidden files" option is enabled, via the (1) MLSD or (2) MLST commands. |
| IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions upon a loss of privileges by the functions' owners, which allows remote authenticated users to bypass intended access restrictions via calls to these functions, a different vulnerability than CVE-2009-3471. |
| IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in the dynamic SQL cache, which allows remote authenticated users to bypass intended access restrictions by leveraging the cache to execute an UPDATE statement contained in a compiled compound SQL statement. |
| Mozilla Firefox before 7.0 and SeaMonkey before 2.4 do not properly restrict availability of motion data events, which makes it easier for remote attackers to read keystrokes by leveraging JavaScript code running in a background tab. |
| Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the Microsoft Help and Support Center, which makes it easier for remote attackers to execute arbitrary code via malware that is correctly detected by this product, but with a detection approach that occurs too late to stop the code execution. NOTE: the researcher indicates that a vendor response was received, stating that this issue "falls into the work of our Firewall and not our AV (per our methodology of layers of defense)." |
