109 matches found
Astra Linux – Vulnerability in sudo
A flaw was discovered in sudo’s handling of ipahostname. In this process, the ipahostname value from /etc/sssd/sssd.conf was not propagated to sudo. As a result, this leads to a privilege management vulnerability in applications, where client hosts retain privileges even after those privileges ha...
Improper Privilege Management
Overview: @budibase/worker is a Budibase background service. Affected versions of this package are vulnerable to Improper Privilege Management through the onboardUsers function. An attacker can gain unauthorized administrative privileges by sending crafted requests to the affected endpoint, allowin...
CVE-2025-62625
Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality...
CVE-2026-29205
The CVE-2026-29205 issue affects cPanel & WHM. The vulnerability arises from incorrect privileges management and insufficient path filtering, enabling an attacker to read arbitrary files on the server via the cpdavd attachment download endpoints. PT Security reports indicate multiple vulnerabilit...
CVE-2026-29205
Incorrect privileges management and insufficient path filtering allow reading arbitrary files on the server via the cpdavd attachment download endpoints...
EUVD-2026-29909
Improper privilege management in Samsung System Support Service prior to version 8.0.8.0 allows local attackers to trigger privileged functions...
Google Android Permission Mismanagement Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a mismanagement of privileges vulnerability that can be exploited by attackers to cause memory corruption and local elevation of privileges...
Google Android Security Vulnerability
Google Android is a Linux-based open source operating system from Google. Google Android suffers from a mismanagement of privileges vulnerability that can be exploited by attackers to cause memory corruption and local elevation of privileges...
ZTE ElasticNet UME R32 on Linux Mismanagement of Privileges Vulnerability
ZTE ElasticNet UME R32 is a service management and traffic processing platform from China's ZTE Corporation. A mismanagement of privileges vulnerability exists in ZTE ElasticNet UME R32 on Linux, which can be exploited by an attacker to gain access to functionality that is not properly...
Intel CIP Information Disclosure Vulnerability (CNVD-2025-28673)
Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from mismanagement of privileges, which can be exploited by an attacker to cause information...
EUVD-2025-26510
Malicious code in bioql PyPI...
EUVD-2024-19835
Malicious code in bioql PyPI...
EUVD-2023-59274
Malicious code in bioql PyPI...
ZOHO ManageEngine Endpoint Central Security Vulnerability
ZOHO ManageEngine Endpoint Central is a desktop management system from ZOHO USA. A security vulnerability exists in ZOHO ManageEngine Endpoint Central versions 11.4.2500.25 and earlier and 11.4.2508.13 and earlier, which stems from improper privilege management...
Apple macOS Tahoe Privilege Mismanagement Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Online Library Management System Elevation of Privilege Vulnerability
Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in Online Library Management System, which stems from a mismanagement of privileges in index.php and can be exploited by an attacker to cause an elevation of privilege...
PHPGurukul Online Library Management System Security Vulnerability
Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in Online Library Management System, which stems from a mismanagement of privileges in index.php and can be exploited by an attacker to cause an elevation of privilege...
Apple macOS Security Vulnerability
Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...
Wavlink WL-WN578W2 Authorization Issue Vulnerability
The Wavlink WL-WN578W2 is a wireless repeater from China's Wavlink. An authorization issue vulnerability exists in Wavlink WL-WN578W2 version 221110, which stems from improper privilege management of the parameter newpass/confpass in the file /sysinit.html, which can be exploited by an attacker t...
CVE-2025-40594
Summary of CVE-2025-40594: Siemens SINAMICS G220 (V6.4 before HF2), SINAMICS S200 (V6.4), and SINAMICS S210 (V6.4 before HF2) expose a privilege-escalation risk due to improper privilege management and leaked privileges from prior sessions, enabling a factory reset without required privileges. T...