Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acl vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2001-0865
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access.
Cisco 12000 Router
9.8
CVSSv3
CVE-2020-29006
MISP prior to 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and app/Model/GalaxyElement.php.
Misp Misp
7.8
CVSSv3
CVE-2021-23177
An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacke...
Libarchive Libarchive
Fedoraproject Fedora 35
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems 8.0
Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6
Redhat Enterprise Linux For Ibm Z Systems Eus 8.6
Redhat Enterprise Linux Server Aus 8.6
Redhat Enterprise Linux Server Tus 8.6
Redhat Enterprise Linux Eus 8.6
Redhat Enterprise Linux For Power Little Endian Eus 8.6
Redhat Codeready Linux Builder -
Debian Debian Linux 10.0
NA
CVE-2001-0867
Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote malicious users to bypass the intended access controls.
Cisco 12000 Router
5.3
CVSSv3
CVE-2022-47543
An issue exists in Siren Investigate prior to 12.1.7. There is an ACL bypass on global objects.
Siren Investigate
6.5
CVSSv3
CVE-2021-3667
An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write soc...
Redhat Libvirt
Redhat Enterprise Linux 8.0
Netapp Ontap Select Deploy Administration Utility -
6.5
CVSSv3
CVE-2017-18478
In cPanel prior to 62.0.4 incorrect ACL checks could occur in xml-api for Rearrange Account actions (SEC-207).
Cpanel Cpanel
9.8
CVSSv3
CVE-2020-15411
An issue exists in MISP 2.4.128. app/Controller/AttributesController.php has insufficient ACL checks in the attachment downloader.
Misp Misp 2.4.128
7.5
CVSSv3
CVE-2019-9713
An issue exists in Joomla! prior to 3.9.4. The sample data plugins lack ACL checks, allowing unauthorized access.
Joomla Joomla\\!
NA
CVE-2010-3304
The ACL plugin in Dovecot 1.2.x prior to 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote malicious users to read mailboxes that have unintended weak ACLs.
Dovecot Dovecot 1.2.2
Dovecot Dovecot 1.2.3
Dovecot Dovecot 1.2.12
Dovecot Dovecot 1.2.10
Dovecot Dovecot 1.2.11
Dovecot Dovecot 1.2.8
Dovecot Dovecot 1.2.9
Dovecot Dovecot 1.2.4
Dovecot Dovecot 1.2.5
Dovecot Dovecot 1.2.0
Dovecot Dovecot 1.2.1
Dovecot Dovecot 1.2.6
Dovecot Dovecot 1.2.7
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »