Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-31677PUBLISHED: 2022-07-06An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can modify admin and other members' passwords.
CVE-2021-31678PUBLISHED: 2022-07-06An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that can delete import information about a user's company.
CVE-2021-31679PUBLISHED: 2022-07-06An issue was discovered in PESCMS-V2.3.3. There is a CSRF vulnerability that allows attackers to delete admin and other members' account numbers.
CVE-2021-37839PUBLISHED: 2022-07-06Apache Superset up to 1.5.1 allowed for authenticated users to access metadata information related to datasets they have no permission on. This metadata included the dataset name, columns and metrics.
CVE-2022-24138PUBLISHED: 2022-07-06
IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download components of IOBit suite into ProgramData folder, ProgramData folder has "rwx" permissions for unprivileged users. Low privilege users can use SetOpLock to wait for CreateProcess and switch the genuine compon...
User Rank: Apprentice
12/16/2020 | 10:21:11 PM