<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>CWE-863 Archives - CVE Vulnerability</title>
	<atom:link href="https://cvevulnerability.com/cwe_categories/cwe-863/feed/" rel="self" type="application/rss+xml" />
	<link>https://cvevulnerability.com/cwe_categories/cwe-863/</link>
	<description></description>
	<lastBuildDate>Sun, 26 Feb 2023 09:11:52 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=7.0</generator>

<image>
	<url>https://cvevulnerability.com/wp-content/uploads/2023/02/cropped-Screenshot-2023-02-27-at-3.52.32-PM-32x32.png</url>
	<title>CWE-863 Archives - CVE Vulnerability</title>
	<link>https://cvevulnerability.com/cwe_categories/cwe-863/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>CVE-2008-7109</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2008-7109/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 09:11:52 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2008-7109/</guid>

					<description><![CDATA[<p>The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2008-7109/">CVE-2008-7109</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypass authorization and upload arbitrary files to the client system via a modified program that does not prompt the user for a password.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2008-7109/">CVE-2008-7109</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2008-6123</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2008-6123/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 09:11:21 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2008-6123/</guid>

					<description><![CDATA[<p>The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to &#8220;source/destination IP address confusion.&#8221;</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2008-6123/">CVE-2008-6123</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>The netsnmp_udp_fmtaddr function (snmplib/snmpUDPDomain.c) in net-snmp 5.0.9 through 5.4.2.1, when using TCP wrappers for client authorization, does not properly parse hosts.allow rules, which allows remote attackers to bypass intended access restrictions and execute SNMP queries, related to &#8220;source/destination IP address confusion.&#8221;</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2008-6123/">CVE-2008-6123</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2008-4577</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2008-4577/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 09:10:36 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2008-4577/</guid>

					<description><![CDATA[<p>The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2008-4577/">CVE-2008-4577</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>The ACL plugin in Dovecot before 1.1.4 treats negative access rights as if they are positive access rights, which allows attackers to bypass intended access restrictions.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2008-4577/">CVE-2008-4577</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2008-3424</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2008-3424/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 09:10:00 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2008-3424/</guid>

					<description><![CDATA[<p>Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WRITE, DENY_WRITE, HOSTALLOW_WRITE, or HOSTDENY_WRITE configuration variables in authorization policy lists, which might allow remote attackers to bypass intended access restrictions.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2008-3424/">CVE-2008-3424</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Condor before 7.0.4 does not properly handle wildcards in the ALLOW_WRITE, DENY_WRITE, HOSTALLOW_WRITE, or HOSTDENY_WRITE configuration variables in authorization policy lists, which might allow remote attackers to bypass intended access restrictions.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2008-3424/">CVE-2008-3424</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2008-0595</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2008-0595/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 09:08:37 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2008-0595/</guid>

					<description><![CDATA[<p>dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2008-0595/">CVE-2008-0595</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>dbus-daemon in D-Bus before 1.0.3, and 1.1.x before 1.1.20, recognizes send_interface attributes in allow directives in the security policy only for fully qualified method calls, which allows local users to bypass intended access restrictions via a method call with a NULL interface.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2008-0595/">CVE-2008-0595</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2007-2586</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2007-2586/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 09:06:22 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2007-2586/</guid>

					<description><![CDATA[<p>The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2007-2586/">CVE-2007-2586</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2007-2586/">CVE-2007-2586</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2018-9488</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2018-9488/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:51:49 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2018-9488/</guid>

					<description><![CDATA[<p>In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-110107376.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2018-9488/">CVE-2018-9488</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-110107376.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2018-9488/">CVE-2018-9488</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2018-9492</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2018-9492/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:51:49 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2018-9492/</guid>

					<description><![CDATA[<p>In checkGrantUriPermissionLocked of ActivityManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-111934948</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2018-9492/">CVE-2018-9492</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>In checkGrantUriPermissionLocked of ActivityManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-111934948</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2018-9492/">CVE-2018-9492</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2018-8927</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2018-8927/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:51:40 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2018-8927/</guid>

					<description><![CDATA[<p>Improper authorization vulnerability in SYNO.Cal.Event in Calendar before 2.1.2-0511 allows remote authenticated users to create arbitrary events via the (1) cal_id or (2) original_cal_id parameter.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2018-8927/">CVE-2018-8927</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>Improper authorization vulnerability in SYNO.Cal.Event in Calendar before 2.1.2-0511 allows remote authenticated users to create arbitrary events via the (1) cal_id or (2) original_cal_id parameter.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2018-8927/">CVE-2018-8927</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>CVE-2018-8724</title>
		<link>https://cvevulnerability.com/cve_vulnerabilities/cve-2018-8724/</link>
		
		<dc:creator><![CDATA[]]></dc:creator>
		<pubDate>Sun, 26 Feb 2023 06:51:34 +0000</pubDate>
				<guid isPermaLink="false">https://www.cvevulnerability.com/cve_vulnerabilities/cve-2018-8724/</guid>

					<description><![CDATA[<p>K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2018-8724/">CVE-2018-8724</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></description>
										<content:encoded><![CDATA[<p>K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe.</p>
<p>The post <a rel="nofollow" href="https://cvevulnerability.com/cve_vulnerabilities/cve-2018-8724/">CVE-2018-8724</a> appeared first on <a rel="nofollow" href="https://cvevulnerability.com">CVE Vulnerability</a>.</p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
