Ivanti Endpoint Manager 安全漏洞

Ivanti Endpoint Manager is a comprehensive endpoint management solution developed by Ivanti to unify the management of all types of devices in an enterprise network, including Windows, macOS, Linux, ChromeOS, mobile devices and IoT devices. Ivanti Endpoint Manager suffers from a privilege issue...

EUVD-2000-0350

Malware in sbrugna...

LangChain-ChatGLM-Webui 安全漏洞

LangChain-ChatGLM-Webui is an X-D Lab open source AI based on automated quizzing against a local knowledge base. A security vulnerability exists in LangChain-ChatGLM-Webui version ef829, which stems from insecure privileges that allow an attacker to view and download sensitive files via a special...

The vulnerability of the GoldenDB database management system, related to insecure privilege management, allows attackers to elevate their privileges.

The vulnerability of the GoldenDB database management system is related to insecure management of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

The vulnerability of the upKeeper Instant Privilege Access software lies in its insecure management of privileges, allowing attackers to escalate their own privileges.

The vulnerability of the upKeeper Instant Privilege Access software lies in the insecure management of privileges. Exploiting this vulnerability could allow a malicious actor to increase their privileges remotely...

The vulnerability of the Windows Installer component on Windows operating systems allows a perpetrator to elevate their privileges to the SYSTEM level.

The vulnerability of the Windows Installer component in Windows operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to elevate their privileges to the SYSTEM level...

foxmarks 安全漏洞

foxmarks is an extremely fast, highly extensible and easy to integrate command line read-only interface by zefr0x individual developers. A security vulnerability exists in foxmarks versions prior to v2.1.0, which stems from the presence of insecure privileges that allow a malicious user to read t...

Kuma 安全漏洞

Kuma is a modern Envoy-based service grid open-sourced by Kuma. It can be run on Kubernetes and VMs with single or multiple zones capacity on each cloud. A security vulnerability exists in Kuma v2.7.0 and prior versions that stems from the presence of insecure privileges that allow an attacker to...

The vulnerability of Zoom’s video conferencing software relates to the insecure management of privileges, allowing attackers to escalate their privileges.

The vulnerability of Zoom’s video conferencing software relates to the insecure management of privileges. Exploiting this vulnerability can allow a hacker to escalate their privileges...

CVE-2024-4884

The CVE-2024-4884 family affects Progress WhatsUp Gold versions released before 2023.1.3, with unauthenticated remote code execution via the CommunityController (Apm.UI.Areas.APM.Controllers.CommunityController) and related paths (GetFileWithoutZip) that allow command execution with iisapppool\nm...

Netgear WNR614 Security Vulnerability

The Netgear WNR614 is an N300 wireless router with external antenna from Netgear USA. A security vulnerability exists in the Netgear WNR614 version V1.1.0.541.0.1, which stems from the presence of insecure privileges that allow an attacker to access URLs and directories embedded in the firmware v...

Human Resource Management System 安全漏洞

Human Resource Management System is a human resource management system by maverickosama Individual Developer. A security vulnerability exists in Sourcecodester Human Resource Management System version 1.0, which stems from the presence of insecure privileges...

The vulnerability of the GLPI system’s request, incident, and asset inventory management, related to insecure privilege management, allows a malicious actor to gain unauthorized access to any user’s account.

The vulnerability of the GLPI system for requests, incidents, and inventory management is related to insecure management of privileges. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the account of any user...

TinyLab linux-lab Security Vulnerabilities

linux-lab is Tai Xiao Technology tinyclub open source a Docker/Qemu-based Linux kernel learning, development and testing environment. TinyLab linux-lab v1.1-rc1, cloud-labv0.8-rc2, v1.1-rc1 version of the security vulnerability , the vulnerability stems from the application is susceptible to...

Mobile Security Framework Security Vulnerability

Mobile Security Framework MobSF is Mobile Security Framework open source an automated all-in-one mobile application . Used for penetration testing, malware analysis and security assessments, it is capable of performing both static and dynamic analysis. A security vulnerability exists in Mobile...

Stormshield Network Security (SNS) VPN SSL Client 安全漏洞

Stormshield Network Security is a next-generation UTM Unified Threat Management firewall from the French company Stormshield. A security vulnerability exists in the Stormshield Network Security SNS VPN SSL Client versions 2.1.0 through 2.8.0 that stems from having insecure privileges...

The vulnerability of the access control system for the virtual environment, previously known as Citrix Secure Access (formerly Citrix Gateway), is related to insecure management of privileges. This issue needs to be addressed to enhance the security of privileges.

The vulnerability of the access control system for the virtual environment, previously known as Citrix Secure Access formerly Citrix Gateway, is related to insecure management of privileges. Exploiting this vulnerability could allow attackers to enhance their privileges...

The vulnerability of the Repository component of the Oracle Hyperion Financial Reporting application, which allows a perpetrator to gain unauthorized access to protected information or cause partial service failure.

The vulnerability of the Repository component in Oracle Hyperion Financial Reporting’s budget management automation processes is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information or cause a...

CVE-2023-34844

Play With Docker 0.0.2 has an insecure CAPSYSADMIN privileged mode causing the docker container to escape...

PowerJob 安全漏洞

PowerJob is an open source distributed computing and job scheduling framework that allows developers to easily schedule tasks in their applications. A security vulnerability exists in PowerJob version V4.3.1 that stems from the presence of insecure privileges...