62 matches found
CVE-2026-10217
A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/ttsconfig.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The...
PT-2026-41254
Improper handling of insufficient privileges in the AMD Secure Processor (ASP) could allow an attacker to provide an input value to a function without sufficient privileges and successfully write data, potentially resulting in loss of integrity or availability...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Apache HTTP Server vulnerabilities (USN-8239-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8239-1 advisory. Bartlomiej Dmitruk and Stanislaw Strzalkowski discovered that Apache HTTP Server incorrectly handled certain memory...
CVE-2025-69689
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
EUVD-2025-209578
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with administrator-level privileges...
CVE-2025-12485
Improper privilege management during pre-MFA cookie handling in Devolutions Server allows a low-privileged authenticated user to impersonate another account by replaying the pre-MFA cookie. This does not bypass the target account MFA verification step. This issue affects the following versions:...
EUVD-1999-0093
Malware in sbrugna...
EUVD-2019-9894
Malware in sbrugna...
ROS-20250923-06
A vulnerability in the Apache Cassandra distributed database management system is related to improper privilege handling. Exploitation of the vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and availability of protected information. impact the...
WAGO Coupler Series security vulnerability
WAGO Coupler Series is a series of Ethernet interface modules from WAGO Japan. A security vulnerability exists in the WAGO Coupler Series that stems from improper handling of privileges, which could result in elevated privileges and firmware modifications...
CVE-2023-20516
CVE-2023-20516 involves improper handling of insufficient privileges in the ASP, potentially allowing a privileged attacker to modify Translation Map Registers (TMRs) and affecting confidentiality or integrity. The provided sources indicate a network-based, high-privilege requirement with no use...
PT-2025-36376
Name of the Vulnerable Software and Affected Versions: ASP (affected versions not specified). Description: Improper handling of insufficient privileges in the ASP could allow a privileged attacker to modify Translation Map Registers (TMRs), potentially resulting in loss of confidentiality or integrity...
OESA-2025-1902 ceph security update
Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage. Security Fixes: A vulnerability classified as problematic has been found in Ceph up to 17.2.7/18.2.4/19.2.2. CWE is classifying the issue as...
MongoDB Server security vulnerability
MongoDB Server is a set of open source NoSQL databases from the American company MongoDB. The database provides collection-oriented storage, dynamic querying, data replication and automatic failover. A security vulnerability exists in MongoDB Server versions v5.0 prior to 5.0.31, v6.0 prior to...
CVE-1999-0093
AIX nslookup command allows local users to obtain root access by not dropping privileges correctly...
SAMSUNG SMR security vulnerability
SAMSUNG SMR is a system patch package from the South Korean company Samsung. It provides patches for Samsung mobile applications. SAMSUNG SMR suffers from a security vulnerability that stems from mishandling of insufficient privileges, which could lead to the use of privileged APIs by a...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices SMR Apr-2025 Release 1 prior to Release 1, which stems from improper handling of privileges...
CVE-2024-0105
NVIDIA ConnectX Firmware contains a vulnerability where an attacker may cause an improper handling of insufficient privileges issue. A successful exploit of this vulnerability may lead to denial of service, data tampering, and limited information disclosure...
HCL BigFix Inventory security vulnerability
HCL BigFix Inventory is a software inventory from HCL USA. Maintaining software audits reduces security risks through software compliance and utilization management. HCL BigFix Inventory has a security vulnerability that stems from insufficient permissions or improper handling of privileges. An...