30 matches found
CVE-2025-36438
IBM Concert 1.0.0 through 2.2.0 could allow a privileged user to perform unauthorized actions due to improper restriction of channel communication to intended endpoints...
CVE-2025-36438 Multiple Vulnerabilities in IBM Concert Software
IBM Concert 1.0.0 through 2.2.0 could allow a privileged user to perform unauthorized actions due to improper restriction of channel communication to intended endpoints...
EUVD-2025-208895
An improper restriction of communication channel to intended endpoints vulnerability has been reported to affect QHora. If an attacker gains physical access, they can then exploit the vulnerability to gain the privileges that were intended for the original endpoint. We have already fixed the...
CVE-2025-62843 QuRouter
An improper restriction of communication channel to intended endpoints vulnerability has been reported to affect QHora. If an attacker gains physical access, they can then exploit the vulnerability to gain the privileges that were intended for the original endpoint. We have already fixed the...
CVE-2025-62843
CVE-2025-62843 affects QHora/QuRouter where an improper restriction of a communication channel to intended endpoints allows a user with physical access to gain privileges intended for the original endpoint. The issue is fixed in QuRouter 2.6.3.009 and later. The CVSS-like metrics indicate physica...
PT-2026-26633
Name of the Vulnerable Software and Affected Versions QHora versions prior to 2.6.3.009 Description An issue exists in QHora where an improper restriction of communication channels to intended endpoints can allow an attacker with physical access to gain elevated privileges. The issue was exploite...
CVE-2026-23664
Improper restriction of communication channel to intended endpoints in Azure IoT Explorer allows an unauthorized attacker to disclose information over a network...
CVE-2025-58742
Insufficiently Protected Credentials, Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the Connection Settings dialog in Milner ImageDirector Capture on Windows allows Adversary in the Middle AiTM by modifying the 'Server' field to redirect client...
CVE-2025-33176
NVIDIA RunAI for all platforms is affected by a vulnerability allowing improper restriction of adjacent network communication channels. The issue could enable privilege escalation, data tampering, and information disclosure. Public-enriched sources (NVIDIA security bulletin and Red Hat advisory) ...
PT-2025-45038
Name of the Vulnerable Software and Affected Versions NVIDIA RunAI affected versions not specified Description The software contains a flaw that could allow a user to improperly restrict communications channels on a neighboring network. Exploitation of this issue may result in privilege escalatio...
EUVD-2025-27373
Malicious code in bioql PyPI...
PowerShell Direct Elevation of Privilege Vulnerability
Improper restriction of communication channel to intended endpoints in Windows PowerShell allows an authorized attacker to elevate privileges locally...
CVE-2025-48807
Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally...
CVE-2025-48807
Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally...
Windows Hyper-V Remote Code Execution Vulnerability
Improper restriction of communication channel to intended endpoints in Windows Hyper-V allows an authorized attacker to execute code locally...
CVE-2025-22251
An improper restriction of communication channel to intended endpoints vulnerability CWE-923 in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization...
PT-2025-25282 · Unknown · Updatenaviinstallservice Service +1
Name of the Vulnerable Software and Affected Versions: UpdateNavi versions 1.4 L10 through 1.4 L33 UpdateNaviInstallService Service versions 1.2.0091 through 1.2.0125 Description: The issue exists due to improper restriction of communication channel to intended endpoints. If a local authenticated...
CVE-2025-22251
An improper restriction of communication channel to intended endpoints vulnerability CWE-923 in FortiOS 7.6.0, 7.4.0 through 7.4.5, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to inject unauthorized sessions via crafted FGSP session synchronization...
CVE-2025-22251
FortiOS CVE-2025-22251: An improper restriction of the FGSP session synchronization channel allows an unauthenticated attacker to inject unauthorized sessions. Affected FortiOS versions are 7.6.0, 7.4.0–7.4.5, 7.2 all versions, 7.0 all versions, and 6.4 all versions. This CWE-923 issue can enable...
CVE-2025-23178
CWE-923: Improper Restriction of Communication Channel to Intended Endpoints...