Lucene search
+L

4 matches found

redhat
redhat
added 2026/07/01 5:33 p.m.7 views

foreman: Foreman: Privilege escalation to administrator-level access via usergroup role assignment manipulation

A flaw was found in Foreman. The Usergroup model in Foreman does not properly validate role assignments against the calling user's permissions. This allows an authenticated user with usergroup management permissions to attach arbitrary roles, including administrative roles, to a user group and th...

8.8CVSS5.8AI score0.00297EPSS
Exploits0References4
redhatcve
redhatcve
added 2025/09/27 9:42 a.m.7 views

CVE-2025-7691

A privilege escalation issue has been discovered in GitLab EE affecting all versions from 16.6 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 that could have allowed a developer with specific group management permissions to escalate their privileges and obtain unauthorized access...

8.8CVSS7.2AI score0.00347EPSS
Exploits0References1
cvelist
cvelist
added 2025/09/26 9:5 a.m.8 views

CVE-2025-7691 Privilege Defined With Unsafe Actions in GitLab

A privilege escalation issue has been discovered in GitLab EE affecting all versions from 16.6 prior to 18.2.7, 18.3 prior to 18.3.3, and 18.4 prior to 18.4.1 that could have allowed a developer with specific group management permissions to escalate their privileges and obtain unauthorized access...

6.5CVSS0.00347EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/09/25 12:0 a.m.3 views

PT-2025-39627

Name of the Vulnerable Software and Affected Versions GitLab EE versions 16.6 through 18.2.6 GitLab EE versions 18.3 through 18.3.2 GitLab EE versions 18.4 through 18.4.0 Description A privilege escalation issue exists in GitLab EE. A developer possessing specific group management permissions may...

9CVSS7.2AI score0.00347EPSS
Exploits0References10
Rows per page
Query Builder