89 matches found
CVE-2025-54735 WordPress CubeWP Framework Plugin <= 1.1.24 - Privilege Escalation Vulnerability
Incorrect Privilege Assignment vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Privilege Escalation.This issue affects CubeWP: from n/a through = 1.1.24...
CVE-2025-36613
SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access...
CVE-2025-36613
SupportAssist for Home PCs versions 4.6.3 and prior and SupportAssist for Business PCs versions 4.5.3 and prior, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access...
CVE-2025-54697
CVE-2025-54697 concerns Kadence WooCommerce Email Designer for WordPress (Kadence plugin). Connected sources confirm an Incorrect Privilege Assignment vulnerability that could enable privilege escalation in versions up to and including 1.5.16. No exploit details are provided in the documents. The...
TeamViewer Remote Management 安全漏洞
TeamViewer Remote Management is a remote management software from TeamViewer, Inc. A security vulnerability exists in TeamViewer Remote Management versions prior to 15.67, which stems from an improperly assigned privilege that results in arbitrary file deletion...
CVE-2025-4493
Improper privilege assignment in PAM JIT privilege sets in Devolutions Server allows a PAM user to perform PAM JIT requests on unauthorized groups by exploiting a user interface issue. This issue affects the following versions : Devolutions Server 2025.1.3.0 through 2025.1.7.0 Devolutions Server...
CVE-2025-0135
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app. The GlobalProtect app on Windows, Linux, iOS, Android, Chrome OS and GlobalProtect UWP app are not affected...
Inaba Denki Sangyo Wi-Fi AP UNIT 安全漏洞
Inaba Denki Sangyo Wi-Fi AP UNIT is a Wi-Fi AP unit from Inaba Denki Sangyo Inaba Denki Sangyo, a Japanese company. A security vulnerability exists in Inaba Denki Sangyo Wi-Fi AP UNIT v2.0.03P and prior versions, which stems from an improperly assigned privilege that could lead to tampered settin...
IBM Security Verify Access 安全漏洞
IBM Security Verify Access ISAM is a service from International Business Machines IBM that improves user access security. The service enables secure and simple access to platforms such as web, mobile, IoT and cloud technologies through the use of risk-based access, single sign-on, integrated acce...
CVE-2024-13248
Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before 2.1.0...
PT-2024-32444 · Huawei · Honor
Name of the Vulnerable Software and Affected Versions: Honor products affected versions not specified Description: The issue is related to an incorrect privilege assignment, which could lead to device service exceptions if successfully exploited. Recommendations: At the moment, there is no...
Devolutions Server 产品安全漏洞
Devolutions Server is an application from Devolutions Canada Inc. which provides a full-featured shared account and password management solution. A security vulnerability exists in Devolutions Server version 2024.3.8.0 and prior versions, which stems from an incorrect assignment of privileges in...
WAGO多款产品 安全漏洞
WAGO PFC100 and others are products of WAGO, Germany.WAGO PFC100 is a programmable logic controller PLC.WAGO CC100 0751-9x01 is a compact controller.WAGO Edge Controller 0752-8303/8000-0002 is a controller. A security vulnerability exists in a number of WAGO products. The vulnerability stems from...
AZL-53209 CVE-2024-10978 affecting package postgresql for versions less than 16.5-1
Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses...
DEBIAN-CVE-2024-10978
Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses...
UBUNTU-CVE-2024-10978
Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses...
Veeam ONE 安全漏洞
Veeam ONE is a suite of IT monitoring and reporting tools from Veeam USA. The product supports features such as backup monitoring, operational status monitoring of virtual and physical environments. A security vulnerability exists in Veeam ONE version 12.1.0.3208 and previous versions 12, which...
Zexeron ZWX-2000CSW2-HN 安全漏洞
The Zexeron ZWX-2000CSW2-HN is a high-speed coaxial modem from Zexeron Japan. A security vulnerability exists in the Zexeron ZWX-2000CSW2-HN prior to version 0.3.15, which stems from the presence of incorrect privilege assignments for critical resource issues, which could allow a network-adjacent...
Siemens RUGGEDCOM 安全漏洞
Siemens RuggedCom ROS is an operating system from Siemens, Germany, used in the RuggedCom series of switches. An incorrect privilege assignment vulnerability exists in Siemens RUGGEDCOM ROS, which can be exploited by an attacker to create a remote shell for an affected system...
Siemens SINEMA Remote Connect Server 安全漏洞
Siemens SINEMA Remote Connect Server is a remote network management platform from Siemens, Germany. The platform is used to remotely access, maintain, control and diagnose the underlying network. Siemens SINEMA Remote Connect Server suffers from an incorrect assignment of critical resource...