| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability |
| in OpenHarmony v3.2.4 and prior versions allow a local attacker cause apps crash through get permission. |
| A vulnerability classified as critical was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected by this vulnerability is an unknown functionality of the file src/main/java/com/yf/exam/modules/sys/user/controller/SysUserControl of the component JWT Token Handler. The manipulation leads to improper authentication. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. |
| A vulnerability was found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. It has been rated as critical. This issue affects some unknown processing of the file /doc.html. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the email address of all GLPI users. This issue has been patched in version 10.0.13.
|
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sensitive fields data from items on which he has read access. This issue has been patched in version 10.0.13. |
| A vulnerability classified as problematic has been found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected is an unknown function of the file src/main/java/com/yf/exam/modules/paper/controller/PaperController.java, of the component Exam Answer Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. |
| Azure DevOps Server Spoofing Vulnerability |
| Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability |
| Windows Group Policy Security Feature Bypass Vulnerability |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| Windows Server Service Security Feature Bypass Vulnerability |
| Windows Collaborative Translation Framework Elevation of Privilege Vulnerability |
| Microsoft OneNote Elevation of Privilege Vulnerability |
| Windows Kerberos Elevation of Privilege Vulnerability |
| Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability |
| Windows Backup Service Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows SMB Witness Service Elevation of Privilege Vulnerability |
| Azure Service Fabric Container Elevation of Privilege Vulnerability |
