WordPress User Registration & Membership plugin <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Content Access Rule Manipulation vulnerability

Missing Authorization to Authenticated Contributor+ Content Access Rule Manipulation vulnerability discovered by darkmode in WordPress Plugin User Registration versions = 5.1.4...

EUVD-2020-27167

Malware in sbrugna...

CVE-2020-6013

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file permission manipulation and exploitation of Windows CVE-2020-00896 on unpatched systems...

Improper Preservation of Permissions

Overview mediawiki/core is a Free software wiki application developed by the Wikimedia Foundation and others. Note: This package is not maintained on Packagist anymore, but newer releases exist. Affected versions of this package are vulnerable to Improper Preservation of Permissions due to improp...

CVE-2024-11486 Code4Berry Decoration Management System User Permission user_permission.php

A vulnerability, which was classified as problematic, was found in Code4Berry Decoration Management System 1.0. This affects an unknown part of the file /decoration/admin/userpermission.php of the component User Permission Handler. The manipulation leads to permission issues. It is possible to...

CVE-2024-1873 Path Traversal and Denial of Service in parisneo/lollms-webui

parisneo/lollms-webui is vulnerable to path traversal and denial of service attacks due to an exposed /selectdatabase endpoint in version a9d16b0. The endpoint improperly handles file paths, allowing attackers to specify absolute paths when interacting with the DiscussionsDB instance. This flaw...

CVE-2024-0770

A vulnerability, which was classified as critical, was found in European Chemicals Agency IUCLID 7.10.3 on Windows. Affected is an unknown function of the file iuclid6.exe of the component Desktop Installer. The manipulation leads to incorrect default permissions. The attack needs to be approache...

CVE-2023-6302 CSZCMS File Manager Page templates permission

A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is some unknown functionality of the file \views\templates of the component File Manager Page. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been...

Permissioned nature of TwapOracle allows owner to manipulate oracle

Handle TomFrench Vulnerability details Impact Potentially frozen or purposefully inaccurate USDV:VADER price feed. Proof of Concept Only the owner of TwapOracle can call update on the oracle. Should the owner desire they could cease calling update on the oracle for a period. Over this period the...

CVE-2020-6013

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file permission manipulation and exploitation of Windows CVE-2020-00896 on unpatched systems...

CVE-2020-6013

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file permission manipulation and exploitation of Windows CVE-2020-00896 on unpatched systems...

Design/Logic Flaw

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file permission manipulation and exploitation of Windows CVE-2020-00896 on unpatched systems...

CVE-2020-6013

ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file permission manipulation and exploitation of Windows CVE-2020-00896 on unpatched systems...

File Permission Manipulation Via Symlink Attack

hadoop-common-yarn is vulnerable to file permission manipulation. Using a symlink attack in a public tar archive, attackers can change the permissions on files to be world-readable...

[SECURITY] [DSA 1846-1] New kvm packages fix denial of service

------------------------------------------------------------------------ Debian Security Advisory DSA-1846-1 [email protected] http://www.debian.org/security/ Dann Frazier July 28, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------...

DSA-1846-1 kvm - denial of service

Bulletin has no description...

Hidden administrator account the three minutes to get-vulnerability warning-the black bar safety net

On the regedit. exe everyone is familiar with, but not to the registry key set permissions, regedt32. exe the biggest advantages is the ability to the registry key set permissions. nt/2 0 0 0/xp account information in the registry HKEYLOCALMACHINE\SAM\SAM key, but in addition to the system user...

IRIX 5.26.0 - Permissions File Manipulation

IRIX 5.26.0 - Permissions File Manipulation source: https://www.securityfocus.com/bid/1751/info The IRIX's /usr/lib/desktop/permissions tool is a suid and sgid root applications normally used by users to modify permissions of their files and files they are privileged for. A vulnerability in the...