| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability |
| Microsoft Authenticator Elevation of Privilege Vulnerability |
| Azure Data Studio Elevation of Privilege Vulnerability |
| Microsoft Intune Linux Agent Elevation of Privilege Vulnerability |
| Windows Kerberos Security Feature Bypass Vulnerability |
| Azure CycleCloud Elevation of Privilege Vulnerability |
| Microsoft Defender for IoT Elevation of Privilege Vulnerability |
| Microsoft Defender for IoT Elevation of Privilege Vulnerability |
| Azure Arc-enabled Kubernetes Extension Cluster-Scope Elevation of Privilege Vulnerability |
| Proxy Driver Spoofing Vulnerability |
| Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability |
| Secure Boot Security Feature Bypass Vulnerability |
| Azure Compute Gallery Elevation of Privilege Vulnerability |
| Azure Migrate Remote Code Execution Vulnerability |
| Microsoft Intune for Android Mobile Application Management Tampering Vulnerability |
|
Broken access controls on PDFtron WebviewerUI in M-Files Hubshare before 3.3.11.3 allows unauthenticated attackers to upload malicious files to the application server.
|
| In Mahara 21.04 before 21.04.7, 21.10 before 21.10.5, 22.04 before 22.04.3, and 22.10 before 22.10.0, embedded images are accessible without a sufficient permission check under certain conditions. |
| A vulnerability classified as critical was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This vulnerability affects unknown code of the file /goform/DDNS of the component DDNS Service. The manipulation leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| A vulnerability, which was classified as critical, has been found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. This issue affects some unknown processing of the file /goform/form2AddVrtsrv.cgi of the component Virtual Service Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. |
| A vulnerability, which was classified as critical, was found in D-Link DIR-816 A2 1.10CNB05_R1B011D88210. Affected is an unknown function of the file /goform/form2AdvanceSetup.cgi of the component WiFi Settings Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. |
