132 matches found
PT-2025-44305
Name of the Vulnerable Software and Affected Versions ThreatFire System Monitor version 4.7.0.53 Description A flaw exists in the kernel driver of ThreatFire System Monitor that allows for privilege escalation and arbitrary command execution. This is due to insecure access control through an...
EUVD-2019-4857
Malware in sbrugna...
EUVD-2002-0066
Malware in sbrugna...
EUVD-2018-21447
Malware in sbrugna...
EUVD-2024-26815
Malicious code in bioql PyPI...
EUVD-2023-42712
Malicious code in bioql PyPI...
EUVD-2025-20000
Malicious code in bioql PyPI...
PT-2025-33203 · Syedamirhussain91 · Db Backup
Name of the Vulnerable Software and Affected Versions: syedamirhussain91 DB Backup versions through 6.0 Description: A missing authorization flaw in syedamirhussain91 DB Backup allows exploitation due to incorrectly configured access control security levels. Recommendations: Update to a version...
CVE-2025-49154
An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an...
CVE-2025-49154
An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an...
CVE-2025-49154
An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an...
CVE-2025-49154
An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an...
CVE-2025-49154
An insecure access control vulnerability in Trend Micro Apex One and Trend Micro Worry-Free Business Security could allow a local attacker to overwrite key memory-mapped files which could then have severe consequences for the security and stability of affected installations. Please note: an...
PT-2025-25746 · Trend Micro · Trend Micro Apex One +1
Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One affected versions not specified Trend Micro Worry-Free Business Security affected versions not specified Description: An insecure access control issue could allow a local attacker to overwrite key memory-mapped files,...
CVE-2024-37742
Insecure Access Control in Safe Exam Browser SEB = 3.5.0 on Windows. The vulnerability allows an attacker to share clipboard data between the SEB kiosk mode and the underlying system, compromising exam integrity. By exploiting this flaw, an attacker can bypass exam controls and gain an unfair...
CVE-2023-38952
Insecure access control in ZKTeco BioTime through 9.0.1 allows authenticated attackers to escalate their privileges due to the fact that session ids are not validated for the type of user accessing the application by default. Privilege restrictions between non-admin and admin users are not enforc...
VulnCheck KEV: CVE-2023-38952
Insecure access control in ZKTeco BioTime through 9.0.1 allows authenticated attackers to escalate their privileges due to the fact that session ids are not validated for the type of user accessing the application by default. Privilege restrictions between non-admin and admin users are not...
CVE-2025-32790 Dify Allows Insecure User Role Access Control for APP DSL Exporting
Dify is an open-source LLM app development platform. In versions 0.6.8 and prior, a vulnerability was identified in the DIFY AI where normal users are improperly granted permissions to export APP DSL. The feature in '/export' should only allow administrator users to export DSL. A workaround for...
CVE-2024-9097
ManageEngine Endpoint Central versions before 11.3.2440.09 are vulnerable to IDOR vulnerability which allows the attacker to change the username in the chat...
GO-2024-3220 Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists in github.com/rancher/rancher
Rancher allows privilege escalation in Windows nodes due to Insecure Access Control Lists in github.com/rancher/rancher. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive...