Incorrect User Management

Overview Affected versions of this package are vulnerable to Incorrect User Management via the session function. An attacker can gain unauthorized access to sensitive operations and escalate privileges by bypassing the intended verification step during authenticated sessions. Remediation Upgrade...

EUVD-2025-10307

Malicious code in bioql PyPI...

Incorrect User Management

Overview thorsten/phpmyfaq is a FAQ system for PHP and MySQL, PostgreSQL and other databases Affected versions of this package are vulnerable to Incorrect User Management due to allowing multiple accounts connected to the same email address. An attacker can cause account ambiguity by registering...

Incorrect User Management

Overview jeecgboot-vue3 is an Agent =============== 当前最新版本： 3.8.1（预计发布时间：2025-04-21） Affected versions of this package are vulnerable to Incorrect User Management via the sendMsg function in the /message/sysMessageTemplate/sendMsg path. An attacker can gain unauthorized access to sensitive...

CVE-2024-46671

An Incorrect User Management vulnerability CWE-286 in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version 7.2.10 and below, version 7.0.11 and below widgets dashboard may allow an authenticated attacker with at least read-only admin permission to perform operations on the dashboard...

Incorrect User Management

Overview org.keycloak:keycloak-services is an open source identity and access management solution for modern applications and services. Affected versions of this package are vulnerable to Incorrect User Management in oidc/OrganizationMembershipMapper.java, which relies on matching the domain of a...

PT-2025-15427 · Fortinet · Fortiweb

Name of the Vulnerable Software and Affected Versions: FortiWeb versions 7.6.2 and below FortiWeb versions 7.4.6 and below FortiWeb versions 7.2.10 and below FortiWeb versions 7.0.11 and below Description: The issue is related to Incorrect User Management, allowing an authenticated attacker with ...

Incorrect User Management

github.com/ubuntu/authd is vulnerable to Incorrect User Management. The vulnerability is due to insufficient randomization of user IDs, allowing a local attacker to register usernames and spoof another user's ID, gaining their privileges. This issue affects Authd through version 0.3.6...

CVE-2022-45097

Dell PowerScale OneFS 9.0.0.x-9.4.0.x contains an Incorrect User Management vulnerability. A low privileged network attacker could potentially exploit this vulnerability, leading to escalation of privileges, and information disclosure...

CVE-2021-21553

Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability.under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest...

GE Healthcare Ultrasound products (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.4 ATTENTION : low attack complexity Vendor : GE Healthcare Equipment : Ultrasound Products Vulnerability : Protection Mechanism Failure, Incorrect User Management 2. RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker...

ICSA-19-162-01 Siemens Siveillance VMS

1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: Siemens Equipment: Siveillance VMS Vulnerabilities: Improper Authorization, Incorrect User Management, Missing Authorization 2. RISK EVALUATION Successful exploitation of these vulnerabilities...

Prolink PRN2001 Multiple Vulnerabilities

This host is Prolink PRN2001 and is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...