Lucene search
K

109 matches found

AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability in sudo

A flaw was discovered in sudo’s handling of ipahostname. In this process, the ipahostname value from /etc/sssd/sssd.conf was not propagated to sudo. As a result, this leads to a privilege management vulnerability in applications, where client hosts retain privileges even after those privileges ha...

8.8CVSS7.2AI score0.00687EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:42 p.m.11 views

Improper Privilege Management

Overview @budibase/worker is a Budibase background service Affected versions of this package are vulnerable to Improper Privilege Management through the onboardUsers function. An attacker can gain unauthorized administrative privileges by sending crafted requests to the affected endpoint, allowin...

8.8CVSS5.8AI score0.00261EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 2:31 p.m.36 views

CVE-2025-62625

Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality...

6CVSS0.0017EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 10:6 p.m.23 views

CVE-2026-29205

The CVE-2026-29205 issue affects cPanel & WHM. The vulnerability arises from incorrect privileges management and insufficient path filtering, enabling an attacker to read arbitrary files on the server via the cpdavd attachment download endpoints. PT Security reports indicate multiple vulnerabilit...

8.6CVSS5.9AI score0.07244EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 10:6 p.m.6 views

CVE-2026-29205

Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpoints...

8.6CVSS5.9AI score0.07244EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 6:30 p.m.12 views

EUVD-2026-29909

Improper privilege management in Samsung System Support Service prior to version 8.0.8.0 allows local attackers to trigger privileged functions...

6.3CVSS5.8AI score0.00091EPSS
Exploits0References2
CNVD
CNVD
added 2026/03/06 12:0 a.m.6 views

Google Android Permission Mismanagement Vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a mismanagement of privileges vulnerability that can be exploited by attackers to cause memory corruption and local elevation of privileges...

8.4CVSS5.8AI score0.00107EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.6 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a mismanagement of privileges vulnerability that can be exploited by attackers to cause memory corruption and local elevation of privileges...

8.4CVSS5.8AI score0.00107EPSS
Exploits0References4
CNVD
CNVD
added 2025/11/28 12:0 a.m.3 views

ZTE ElasticNet UME R32 on Linux Mismanagement of Privileges Vulnerability

ZTE ElasticNet UME R32 is a service management and traffic processing platform from China's ZTE Corporation ZTE. A mismanagement of privileges vulnerability exists in ZTE ElasticNet UME R32 on Linux, which can be exploited by an attacker to gain access to functionality that is not properly...

7.5CVSS5.9AI score0.00241EPSS
Exploits0
CNVD
CNVD
added 2025/11/14 12:0 a.m.4 views

Intel CIP Information Disclosure Vulnerability (CNVD-2025-28673)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from mismanagement of privileges, which can be exploited by an attacker to cause information...

6.5CVSS6.4AI score0.00268EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26510

Malicious code in bioql PyPI...

5.5CVSS6.5AI score0.001EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-19835

Malicious code in bioql PyPI...

4.9CVSS6.4AI score0.00369EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-59274

Malicious code in bioql PyPI...

8.8CVSS7.4AI score0.00687EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.3 views

ZOHO ManageEngine Endpoint Central 安全漏洞

ZOHO ManageEngine Endpoint Central is a desktop management system from ZOHO USA. A security vulnerability exists in ZOHO ManageEngine Endpoint Central versions 11.4.2500.25 and earlier and 11.4.2508.13 and earlier, which stems from improper privilege management...

7.8CVSS6.8AI score0.0025EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/18 12:0 a.m.3 views

Apple macOS Tahoe Privilege Mismanagement Vulnerability

Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...

5.5CVSS6.6AI score0.00183EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/18 12:0 a.m.1 views

Online Library Management System Elevation of Privilege Vulnerability

Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in Online Library Management System, which stems from a mismanagement of privileges in index.php and can be exploited by an attacker to cause an elevation of privilege...

9.8CVSS7.2AI score0.00527EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.3 views

PHPGurukul Online Library Management System 安全漏洞

Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in Online Library Management System, which stems from a mismanagement of privileges in index.php and can be exploited by an attacker to cause an elevation of privilege...

9.8CVSS7.1AI score0.00527EPSS
Exploits1References3
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.3 views

Apple macOS 安全漏洞

Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...

5.5CVSS6.5AI score0.00183EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/12 12:0 a.m.4 views

Wavlink WL-WN578W2 授权问题漏洞

The Wavlink WL-WN578W2 is a wireless repeater from China's Wavlink. An authorization issue vulnerability exists in Wavlink WL-WN578W2 version 221110, which stems from improper privilege management of the parameter newpass/confpass in the file /sysinit.html, which can be exploited by an attacker t...

6.9CVSS7AI score0.00439EPSS
Exploits1References5
CVE
CVE
added 2025/09/09 8:47 a.m.15 views

CVE-2025-40594

Summary of CVE-2025-40594 : Siemens SINAMICS G220 (V6.4 before HF2), SINAMICS S200 (V6.4), and SINAMICS S210 (V6.4 before HF2) expose a privilege-escalation risk due to improper privilege management and leaked privileges from prior sessions, enabling a factory reset without required privileges. T...

9.8CVSS5.6AI score0.00201EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder