CVE-2026-23634

Pepr is a type safe K8s middleware. Prior to 1.0.5 , Pepr defaults to a cluster-admin RBAC configuration and does not explicitly force or enforce least-privilege guidance for module authors. The default behavior exists to make the “getting started” experience smooth: new users can experiment with...

CVE-2009-4438

The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a 1 sequence or 2 global-variable object, which allows remote authenticated users to make use of data via unspecified vectors...

CVE-2009-4526

The Send by e-mail sub-module in the Print aka Printer, e-mail and PDF versions module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, does not properly enforce privilege requirements, which allows remote attackers to read page titles by requesting a "Send to friend" form...

EUVD-2009-4481

Malware in sbrugna...

EUVD-2017-18718

Malware in sbrugna...

EUVD-2010-3473

Malware in sbrugna...

EUVD-2008-6079

Malware in sbrugna...

EUVD-2012-3964

Malware in sbrugna...

EUVD-2011-1845

Malware in sbrugna...

EUVD-2017-15867

Malware in sbrugna...

EUVD-2011-1409

Malware in sbrugna...

EUVD-2017-17397

Malware in sbrugna...

EUVD-2009-4492

Malware in sbrugna...

EUVD-2025-21879

Malicious code in bioql PyPI...

EUVD-2021-29120

Malicious code in bioql PyPI...

Improper Access Control

unopim/unopim is vulnerable to Improper Access Control. The vulnerability is due to insufficient privilege enforcement on the mass-delete endpoint, which allows an attacker without "Delete" permissions to bypass restrictions and delete products...

Enhancing Microsoft 365 security by eliminating high-privilege access

In this blog you will hear directly from Microsoft’s Deputy Chief Information Security Officer CISO for Experiences and Devices, Naresh Kannan, about eliminating high-privileged access across all Microsoft 365 applications. This blog is part of an ongoing series where our Deputy CISOs share their...

Velociraptor 安全漏洞

Velociraptor is a Velocidex open source tool for collecting host-based state information using Velociraptor Query Language VQL queries. A security vulnerability exists in Velociraptor that stems from the failure of the Admin.Client.UpdateClientConfig artifact to enforce additional privileges, whi...

10 Most Impactful PAM Use Cases for Enhancing Organizational Security

Privileged access management PAM plays a pivotal role in building a strong security strategy. PAM empowers you to significantly reduce cybersecurity risks, gain tighter control over privileged access, achieve regulatory compliance, and reduce the burden on your IT team. As an established provider...

Google Chrome 安全漏洞

Google Chrome is a web browser from Google, an American company. A security vulnerability exists in Google Chrome prior to version 130.0.6723.58 that stems from improper privilege enforcement and can be exploited by a local attacker to perform elevation of privilege via a crafted HTML page...