148 matches found
CVE-2025-54511
Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...
CVE-2026-21017
Improper handling of insufficient privileges in SecTelephonyProvider prior to SMR Jun-2026 Release 1 allows local attackers to access privileged files...
CVE-2025-54511
Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...
EUVD-2025-209878
Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...
CVE-2025-54511
CVE-2025-54511 affects the AMD Secure Processor (ASP). The AMD bulletin and NVD entry state that improper handling of insufficient privileges could allow an attacker to provide an input value to a function without sufficient privileges and write data, potentially impacting integrity and availabil...
CVE-2025-54511
Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...
CVE-2025-54511
Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...
CVE-2025-54511
Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...
PT-2026-41254
Improper handling of insufficient privileges in the AMD Secure Processor ASP could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity of availability...
CVE-2025-15633
The CVE describes an improper authorization flaw in HCL BigFix WebUI. An authenticated user lacking Master Operator privileges can access internal data (site names, versions, configuration variables) via unprotected endpoints that do not enforce security headers. This indicates a privilege check ...
GHSA-78CG-FC6C-W44W Apache OpenMeetings has an Improper Handling of Insufficient Privileges vulnerability
Sny registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields get be checked at FileItemDTO object. This issue affects Apache OpenMeetings: from...
EUVD-2026-20934
Improper Handling of Insufficient Privileges vulnerability in Apache OpenMeetings. Any registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields...
Apache OpenMeetings has an Improper Handling of Insufficient Privileges vulnerability
Sny registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields get be checked at FileItemDTO object. This issue affects Apache OpenMeetings: from...
CVE-2026-33005
Improper Handling of Insufficient Privileges vulnerability in Apache OpenMeetings. Any registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields...
CVE-2026-33005 Apache OpenMeetings: Insufficient checks in FileWebService
Improper Handling of Insufficient Privileges vulnerability in Apache OpenMeetings. Any registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields...
CVE-2026-33005
Improper Handling of Insufficient Privileges vulnerability in Apache OpenMeetings. Any registered user can query web service with their credentials and get files/sub-folders of any folder by ID metadata only NOT contents. Metadata includes id, type, name and some other field. Full list of fields...
CVE-2026-33005
Apache OpenMeetings is affected by an Improper Handling of Insufficient Privileges vulnerability. A registered user can query the web service with their credentials and retrieve metadata (e.g., id, type, name, and other FileItemDTO fields) for files and sub-folders of any folder by ID, with no co...
PT-2026-31639
Name of the Vulnerable Software and Affected Versions Apache OpenMeetings versions prior to 9.0.0 Description A registered user can query a web service with their credentials and retrieve metadata id, type, name, and other fields from the FileItemDTO object for files and sub-folders of any folder...
BIT-GITLAB-2026-1747 Authentication Bypass Using an Alternate Path or Channel in GitLab
GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packag...
EUVD-2026-8724
GitLab has remediated an issue in GitLab EE affecting all versions from 17.11 before 18.7.5, 18.8 before 18.8.5, and 18.9 before 18.9.1 that, under certain conditions, could have allowed Developer-role users with insufficient privileges to make unauthorized modifications to protected Conan packag...