| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the email address of all GLPI users. This issue has been patched in version 10.0.13.
|
| GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sensitive fields data from items on which he has read access. This issue has been patched in version 10.0.13. |
| A vulnerability classified as problematic has been found in Beijing Yunfan Internet Technology Yunfan Learning Examination System 1.9.2. Affected is an unknown function of the file src/main/java/com/yf/exam/modules/paper/controller/PaperController.java, of the component Exam Answer Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. |
| Azure DevOps Server Spoofing Vulnerability |
| Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability |
| Windows Group Policy Security Feature Bypass Vulnerability |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| Windows Server Service Security Feature Bypass Vulnerability |
| Windows Collaborative Translation Framework Elevation of Privilege Vulnerability |
| Microsoft OneNote Elevation of Privilege Vulnerability |
| Windows Kerberos Elevation of Privilege Vulnerability |
| Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability |
| Windows Backup Service Elevation of Privilege Vulnerability |
| Windows Kernel Elevation of Privilege Vulnerability |
| Windows SMB Witness Service Elevation of Privilege Vulnerability |
| Azure Service Fabric Container Elevation of Privilege Vulnerability |
| Microsoft Office Visio Remote Code Execution Vulnerability |
| Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network. |
| Microsoft Power Automate Desktop Remote Code Execution Vulnerability |
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability |