• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-732

CVE-2021-40343

February 23, 2023 by

An issue was discovered in Nagios XI 5.8.5. Insecure file permissions on the nagios_unbundler.py file allow the nagios user to elevate their privileges to the root user.

CVE-2021-40101

February 23, 2023 by

An issue was discovered in Concrete CMS before 8.5.7. The Dashboard allows a user’s password to be changed without a prompt for the current password.

CVE-2021-40066

February 23, 2023 by

The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v11.76 and Mobility v12.14.

CVE-2021-40067

February 23, 2023 by

The access controls on the Mobility read-write API improperly validate user access permissions; this API is disabled by default. If the API is manually enabled, attackers with both network access to the API and valid credentials can read and write data to it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v12.14.

CVE-2021-39992

February 23, 2023 by

There is an improper security permission configuration vulnerability on ACPU.Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

CVE-2021-39868

February 23, 2023 by

In all versions of GitLab CE/EE since version 8.12, an authenticated low-privileged malicious user may create a project with unlimited repository size by modifying values in a project export.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 99
  • Go to page 100
  • Go to page 101
  • Go to page 102
  • Go to page 103
  • Interim pages omitted …
  • Go to page 144
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE