343 matches found
Linux kernel Security Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel, which stems from a call to the bind callback function despite a failed privilege check, which could lead to unauthorized...
Polska Akademia Dostępności CMS Code Issue Vulnerability
Polska Akademia Dostępności CMS is an accessible web content management system from Polska Akademia Dostępności, Poland. A code issue vulnerability exists in Polska Akademia Dostępności CMS, which stems from a client control privilege check parameter that could allow an unauthenticated, remote...
Oracle Linux 7 / 8 : Unbreakable Enterprise kernel (ELSA-2025-20632)
The remote Oracle Linux 7 / 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-20632 advisory. - clone_private_mnt: make sure that caller has CAP_SYS_ADMIN in the right userns (Al Viro) Orabug: 38453918 CVE-2025-38499 Tenable has extracted the...
Apple macOS Tahoe Permission Check Insufficiency Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Jenkins Security Vulnerability
Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying and automating any project. A security vulnerability exists in Jenkins 2.527 and earlier and LTS 2.516.2 and earlier, which stems from a failure to...
Apple macOS Security Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Apple macOS Security Vulnerability
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple Inc. in the United States. A security vulnerability exists in Apple macOS that stems from insufficient privilege checking and could cause an application to access protected user data. The following versio...
Google Android Missing Privilege Check Vulnerability
Google Android is a free and open source mobile operating system based on the Linux kernel, developed by Google Inc. and the Open Handset Alliance, and is mainly used for smartphones, tablets and other devices. Google Android suffers from a missing privilege check vulnerability, which can be...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability due to a missing privilege check in the onCreate function in UninstallerActivity.java. An attacker can exploit this vulnerability to gain elevated privileg...
CVE-2025-55627
The issue CVE-2025-55627 affects Reolink Smart 2K+ Plug-in Wi-Fi Video Doorbell with Chime (firmware 3.0.0.4662_2503122283). Root cause: insufficient privilege verification allows authenticated attackers to create accounts with elevated privileges. Impact: potential unauthorized account elevation...
Linux Distros Unpatched Vulnerability : CVE-2023-38058
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - An improper privilege check in the OTRS ticket move action in the agent interface allows any attacker authenticated as an agent to perform a move of a ticket...
IBM i Security Vulnerability
IBM i is a suite of operating systems from International Business Machines (IBM) that runs on IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i versions 7.2, 7.3, 7.4, 7.5, and 7.6 that stems from an invalid database privilege check, which could lead to elevation of...
ZITADEL Security Vulnerability
ZITADEL is a modern open source alternative to Auth0, Firebase Auth, AWS Cognito, and Keycloak, built for the container and serverless era, from ZITADEL of Switzerland. A security vulnerability exists in ZITADEL versions 4.0.0-rc.2, 3.3.2, 2.71.13, and prior to 2.70.14, which stems from a la...
CVE-2023-20909
In multiple functions of RunningTasks.java, there is a possible privilege escalation due to a missing privilege check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-...
PT-2025-49: Insufficient authorization in FreeScout
The vulnerability was identified in FreeScout, versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to access information or functionality that exceeds the privileges granted to the user because the application checks access rights incorrectly. Vulnerability status:...
CVE-2021-38137
Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns-monitor user’s privileges, allowing a user to perform actions not belonging to his role...
Multiple Apple Products Security Vulnerability
Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system developed for Mac computers. Apple iPadOS is an operating system for the iPad tablet computer. A security vulnerability exists in several Apple products that stems from insufficient...
XWiki Platform Security Vulnerability
XWiki Platform is an open source suite of wiki platforms from XWiki for creating web collaboration applications. A security vulnerability exists in XWiki Platform versions prior to 15.10.13, prior to 16.4.4, and prior to 16.8.0-rc-1, which stems from an improper privilege check in the Solr script...
SUSE CVE-2017-9792
In Apache Impala incubating before 2.10.0, a malicious user with "ALTER" permissions on an Impala table can access any other Kudu table data by altering the table properties to make it "external" and then changing the underlying table mapping to point to other Kudu tables. This violates and works...
CVE-2024-8765
In lunary-ai/lunary, the privilege check mechanism is flawed in version git afc5df4. The system incorrectly identifies certain endpoints as public if the path contains '/auth/' anywhere within it. This allows unauthenticated attackers to access sensitive endpoints by including '/auth/' in the pat...