Lucene search
K

72 matches found

Cvelist
Cvelist
added 3 days ago31 views

CVE-2026-14719 SourceCodester Onlne Examination & Learning Management System Registration Endpoint register.php privileges management

A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint. Executing a manipulation of the argument role can lead to improper privilege management. The...

7.5CVSS0.00288EPSS
Exploits0References6
The Hacker News
The Hacker News
added 2026/06/30 5:4 a.m.13 views

Oracle E-Business Suite Flaw CVE-2026-46817 Actively Exploited in the Wild

A critical security flaw impacting Oracle E-Business Suite has come under active exploitation in the wild, according to Defused Cyber. The vulnerability, tracked as CVE-2026-46817 CVSS score: 9.8, refers to an improper privilege management and authentication flaw in Oracle Payments that could be...

9.8CVSS6AI score0.00677EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/06/12 2:35 p.m.9 views

CVE-2026-44119

A flaw was found in Apache HTTP Server. This improper privilege management vulnerability allows local .htaccess authors to read files with the privileges of the httpd user. This could lead to unauthorized information disclosure...

5.5CVSS5.2AI score0.00171EPSS
Exploits0References4
AlpineLinux
AlpineLinux
added 2026/06/08 3:17 p.m.8 views

CVE-2026-44119

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...

5.5CVSS5.4AI score0.00171EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/01 2:45 a.m.12 views

CVE-2026-10217 nextlevelbuilder GoClaw RoleAdmin Gateway tts_config.go handleSave privileges management

A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/ttsconfig.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The...

6.5CVSS5.3AI score0.00209EPSS
Exploits0References6
CVE
CVE
added 2026/06/01 2:45 a.m.25 views

CVE-2026-10217

Nextlevelbuilder GoClaw up to v3.11.3 is affected by a flaw in the handleSave function of internal/http/tts_config.go within the RoleAdmin Gateway, causing improper privilege management. Remote exploitation is possible; a public exploit exists, and the issue has been labeled as a bug by the proje...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References6
CVE
CVE
added 2026/05/13 6:51 p.m.15 views

CVE-2026-0246

CVE-2026-0246: Prisma Access Agent contains a privilege management flaw that allows a locally authenticated non-administrative user to escalate to root on macOS/Linux or NT AUTHORITY\SYSTEM on Windows, enabling arbitrary code execution and access to privileged data. Affected: Prisma Access Agent ...

8.5CVSS6.1AI score0.00144EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.14 views

PT-2026-40575

Name of the Vulnerable Software and Affected Versions Samsung System Support Service versions prior to 8.0.8.0 Description Improper privilege management allows local attackers to trigger privileged functions. Recommendations Update to version 8.0.8.0 or later...

6.3CVSS5.8AI score0.00091EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40140

Improper privilege management in Microsoft Dynamics 365 Customer Insights allows an authorized attacker to elevate privileges over a network...

7.7CVSS5.8AI score0.00659EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 10:16 a.m.17 views

CVE-2026-26946

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

6.7CVSS0.00104EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/11 9:39 a.m.8 views

CVE-2026-26946

Dell ECS versions 3.8.1.0 through 3.8.1.7 and Dell ObjectScale versions prior to 4.3.0.0, contains an improper privilege management vulnerability in the OS. A high privileged attacker with local access could potentially exploit this vulnerability, leading to elevation of privileges...

6.7CVSS5.8AI score0.00104EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/16 8:30 a.m.7 views

CVE-2026-23772

Dell Storage Manager - Replay Manager for Microsoft Servers, versions 8.0, contains an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

7.3CVSS5.8AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/11 9:31 p.m.4 views

EUVD-2026-11303

Dell Alienware Command Center AWCC, versions prior to 6.12.24.0, contain an Improper Privilege Management vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges...

6.7CVSS5.8AI score0.00084EPSS
Exploits0References2
Snyk
Snyk
added 2026/02/26 3:13 a.m.3 views

Improper Privilege Management

Overview Affected versions of this package are vulnerable to Improper Privilege Management via the IsAdmin field in the user profile update process. An attacker can gain unauthorized administrative privileges by sending a crafted PUT request to their own user profile endpoint with IsAdmin set to...

8.8CVSS6AI score0.00306EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/05 12:0 a.m.4 views

Dell PowerScale OneFS 8.2.2 <= 9.4.0.17 / 9.5.0 <= 9.5.0.8 / 9.6.0.0 <= 9.7.0.3 / 9.8.0.0 < 9.8.0.1 Privilege Management (DSA-2024-255)

The Dell PowerScale OneFS on the remote device is missing a security patch and is, therefore, affected by privilege management vulnerability: - Dell PowerScale OneFS versions 8.2.2.x through 9.8.0.0 contain an improper privilege management vulnerability. A local high privileged attacker could...

6.7CVSS5.5AI score0.00157EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/30 10:32 a.m.8 views

CVE-2025-13787 ZenTao File control.php delete privileges management

A flaw has been found in ZenTao up to 21.7.6-8564. The affected element is the function file::delete of the file module/file/control.php of the component File Handler. Executing manipulation of the argument fileID can lead to improper privilege management. It is possible to launch the attack...

5.5CVSS0.00328EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/11/18 12:0 a.m.5 views

Fortinet多款产品 安全漏洞

Fortinet FortiOS and others are products of Fortinet, Inc.Fortinet FortiOS is a dedicated security operating system on the FortiGate network security platform.Fortinet FortiProxy is a secure network proxy that protects employees by combining a variety of detection technologies such as Web...

6CVSS6.5AI score0.00135EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/11/18 12:0 a.m.44 views

Fortinet Fortigate Trusted hosts bypass via SSH (FG-IR-25-545)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-25-545 advisory. - An Improper Privilege Management vulnerability CWE-269 in FortiOS, FortiProxy and FortiPAM may allow an authenticated...

6CVSS5.5AI score0.00135EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/11/11 4:50 p.m.3 views

CVE-2025-24863

Improper privilege management for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable data exposure. This result...

6.5CVSS5.9AI score0.00268EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.4 views

PT-2025-46398

Name of the Vulnerable Software and Affected Versions IntelR CIP software versions prior to WIN DCA 2.4.0.11001 Description An improper privilege management issue exists in some IntelR CIP software. This may allow an information disclosure within Ring 3 User Applications. An unprivileged software...

6.5CVSS5.7AI score0.00268EPSS
Exploits0References3
Rows per page
Query Builder