CVE-2023-38734

IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. IBM X-Force ID: 262481...

CVE-2023-23430

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...

CVE-2023-51431

Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions...

CVE-2022-48283

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions...

WordPress plugin Hospital Management System 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blogs on PHP and MySQL servers, and the WordPress plugin is an...

PT-2025-22765 · Mojoomla · Mojoomla Hospital Management System

Name of the Vulnerable Software and Affected Versions: mojoomla Hospital Management System versions 4.7.020 through 11 Description: The issue is related to an Incorrect Privilege Assignment vulnerability that allows Privilege Escalation in the mojoomla Hospital Management System. Recommendations:...

WordPress plugin Simple Business Directory Pro 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

The vulnerability of the /cgi-bin/ExportSyslog.sh script, a microprogramming solution for TOTOLINK A3000RU routers, allows a hacker to circumvent existing security restrictions.

The vulnerability of the /cgi-bin/ExportSyslog.sh script, a microprogramming solution for TOTOLINK A3000RU routers, is related to the improper assignment of privileges. Exploiting this vulnerability could allow an attacker to bypass security restrictions remotely...

CVE-2022-20051

In ims service, there is a possible unexpected application behavior due to incorrect privilege assignment. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06219127; Issue ID: ALPS06219127...

CVE-2022-48284

A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions...

CVE-2022-1225

Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6...

CVE-2020-9225

FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege...

CVE-2025-39405

Incorrect Privilege Assignment vulnerability in mojoomla WPAMS apartment-management allows Privilege Escalation.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...

CVE-2025-39366

Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0...

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment due to the incorrect assignment of cgroup hierarchy. An attacker can cause a denial of service of the Kubernetes node by exploiting this misconfiguration, where some Kubernetes limits are not honored. This...

CVE-2025-39366

Incorrect Privilege Assignment vulnerability in Rocket Apps wProject.This issue affects wProject: from n/a before 5.8.0...

CVE-2025-39366

CVE-2025-39366 corresponds to an Incorrect Privilege Assignment vulnerability in WordPress theme wProject (versions before 5.8.0). It enables Privilege Escalation for authenticated users with Subscriber+ privileges. The CVSSv3.1 vector is AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H with a base score of 8...

CVE-2025-39459

Incorrect Privilege Assignment vulnerability in contempoinc Real Estate 7 realestate-7 allows Privilege Escalation.This issue affects Real Estate 7: from n/a through = 3.5.2...

CVE-2025-39405

Incorrect Privilege Assignment vulnerability in mojoomla WPAMS apartment-management allows Privilege Escalation.This issue affects WPAMS: from n/a through = 44.0 17-08-2023...

CVE-2025-39405

CVE-2025-39405 describes an "Incorrect Privilege Assignment" vulnerability in the WordPress WPAMS plugin. Affected software: WPAMS – Apartment Management System for WordPress (versions up to and including 44.0; dated 17-08-2023). Root cause per sources: improper privilege handling enabling privil...