CWE-842
9 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-842
- CVE-2022-2989 | HIGH | CVSS 7.1 | EG 7.1 | 2022-09-13
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementar…
- CVE-2022-2990 | HIGH | CVSS 7.1 | EG 7.1 | 2022-09-13
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementa…
- CVE-2022-31007 | MEDIUM | CVSS 4.9 | EG 4.9 | 2022-05-31
eLabFTW is an electronic lab notebook manager for research teams. Prior to version 4.3.0, a vulnerability allows an authenticated user with an administrator role in a team to assign itself system administrator privileges within the applica…
- CVE-2022-3650 | HIGH | CVSS 7.8 | EG 7.8 | 2023-01-17
A privilege escalation flaw was found in Ceph. Ceph-crash.service allows a local attacker to escalate privileges to root in the form of a crash dump, and dump privileged information.
- CVE-2022-45097 | MEDIUM | CVSS 6.3 | EG 8.8 | 2023-02-01
Dell PowerScale OneFS 9.0.0.x-9.4.0.x contains an Incorrect User Management vulnerability. A low privileged network attacker could potentially exploit this vulnerability, leading to escalation of privileges, and information disclosure. …
- CVE-2023-25575 | HIGH | CVSS 7.7 | EG 7.7 | 2023-02-28
API Platform Core is the server component of API Platform: hypermedia and GraphQL APIs. Resource properties secured with the `security` option of the `ApiPlatform\Metadata\ApiProperty` attribute can be disclosed to unauthorized users. The …
- CVE-2024-10082 | HIGH | CVSS 8.7 | EG 8.7 | 2024-11-06
CodeChecker is an analyzer tooling, defect database and viewer extension for the Clang Static Analyzer and Clang Tidy. Authentication method confusion allows logging in as the built-in root user from an external service. The built-in root…
- CVE-2024-25632 | HIGH | CVSS 8.6 | EG 8.6 | 2024-10-01
eLabFTW is an open source electronic lab notebook for research labs. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigned team/teams. A user may be an administr…
- CVE-2024-9412 | HIGH | CVSS 8.4 | EG 0.0 | 2024-10-08
An improper authorization vulnerability exists in the Rockwell Automation affected products that could allow an unauthorized user to sign in. While removal of all role mappings is unlikely, it could occur in the case of unexpected or accid…