CVE-2023-47250

HIGH Year: 2023
CVSS v3 Score
8.8
High
Weakness Type
CWE-276
View all →

Vulnerability Description

In mprivacy-tools before 2.0.406g in m-privacy TightGate-Pro Server, broken Access Control on X11 server sockets allows authenticated attackers (with access to a VNC session) to access the X11 desktops of other users by specifying their DISPLAY ID. This allows complete control of their desktop, including the ability to inject keystrokes and perform a keylogging attack.

Related Vulnerabilities

CVE-2006-5014

HIGH
CVSS:8.8(High)

Unspecified vulnerability in cPanel before 10.9.0 12 Tree allows remote authenticated users to gain privileges via unspecified vectors in (1) mysqladmin and (2) hooksadmin.

CWE-2762006

CVE-2012-4434

HIGH
CVSS:8.8(High)

fwknop before 2.0.3 allow remote authenticated users to cause a denial of service (server crash) or possibly execute arbitrary code.

CWE-2762012

CVE-2014-2721

HIGH
CVSS:8.8(High)

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The...

CWE-2762014

CVE-2014-2722

HIGH
CVSS:8.8(High)

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The...

CWE-2762014

CVE-2014-2723

HIGH
CVSS:8.8(High)

In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The...

CWE-2762014

CVE-2015-9474

HIGH
CVSS:8.8(High)

The Simpolio theme 1.3.2 for WordPress has insufficient restrictions on option updates.

CWE-2762015