3975 matches found
CVE-2026-22267
Dell PowerProtect Data Manager, versions prior to 19.22, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2026-22268
Dell PowerProtect Data Manager, versions prior to 19.22, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to denial of service of a Dell Enterprise Support connection...
PT-2026-20779
Dell PowerProtect Data Manager, versions prior to 19.22, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges...
FLIR Systems AX8 Cameras Incorrect Privilege Assignment (CVE-2024-3013)
A flaw has been found in Teledyne FLIR AX8 up to 1.46.16. The impacted element is an unknown function of the file /tools/testlogin.php?action=register of the component User Registration. Executing manipulation can lead to improper authorization. The attack may be performed from remote. The exploi...
CVE-2013-5629
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA. Notes: The posting will later have IDs assigned in accordance with CVE content decisions...
CVE-2013-5621
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: A public posting on 20130831 referenced this ID for a specific issue, but that issue had not been assigned this ID by any CNA. Notes: The posting will later have IDs assigned in accordance with CVE content decisions...
CVE-2025-61969
Incorrect permission assignment in AMD µProf may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...
CVE-2026-25057
MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip file to create an assignment from an exported configuration courses//assignments/uploadconfigfiles. The uploaded zip file entry names are used to create paths to...
CVE-2026-24885
Kanboard (Kanban project management software) is affected by a CSRF flaw in the ProjectPermissionController prior to version 1.2.50. The root cause is the server not strictly enforcing Content-Type: application/json for the changeUserRole action, accepting text/plain despite a JSON body. This all...
CVE-2026-24885 Kanboard Affected by Cross-Site Request Forgery (CSRF) via Content-Type Misconfiguration in Project Role Assignment
Kanboard is project management software focused on Kanban methodology. Prior to 1.2.50, a Cross-Site Request Forgery CSRF vulnerability exists in the ProjectPermissionController within the Kanboard application. The application fails to strictly enforce the application/json Content-Type for the...
AMD µProf Vulnerability
CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-61969| Incorrect permission assignment in AMD µProf performance analysis tool-suite may allow a local user-privileged attacker to achieve privilege escalation, potentially resulting in...
CVE-2026-25057
MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip file to create an assignment from an exported configuration courses//assignments/uploadconfigfiles. The uploaded zip file entry names are used to create paths to...
CVE-2026-25057 Zip Slip in MarkUs config upload allowing RCE
MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip file to create an assignment from an exported configuration courses//assignments/uploadconfigfiles. The uploaded zip file entry names are used to create paths to...
CVE-2026-25057
MarkUs is a web application for the submission and grading of student assignments. Prior to 2.9.1, instructors are able to upload a zip file to create an assignment from an exported configuration courses//assignments/uploadconfigfiles. The uploaded zip file entry names are used to create paths to...
Incorrect Privilege Assignment
Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to insufficient ownership verification in the UserManagedPermissionService...
PT-2026-7132
Name of the Vulnerable Software and Affected Versions MarkUs versions prior to 2.9.1 Description MarkUs is a web application used for submitting and grading student assignments. Prior to version 2.9.1, instructors could upload a zip file to create an assignment from an exported configuration via...
Integer Overflow or Wraparound
Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound due to an arithmetic overflow in the network policy priority assignment process. An attacker can cause incorrect traffic enforcement by creating a large number of policies with various priority values...
Exploit for Expression Language Injection in Siemens 6Bk1602-0Aa12-0Tp0_Firmware
ButtF - Backend Misconfiguration & Logic Flaw Exploitation Too...
Exploit for CVE-2025-2304
CVE-2025-2304 - Camaleon CMS 2.9.0 - Privilege Escalation Expl...
Exploit for CVE-2025-2304
Exploit-for-CVE-2025-2304 usage: exploit.py -h --url URL --...