168 matches found
Checkmk 安全漏洞
Checkmk is an IT monitoring platform from Checkmk, Inc. A security vulnerability exists in Checkmk version 2.4.0 up to and including 2.4.0p16, which stems from insufficient privilege validation and could lead to unauthorized operation or information disclosure...
Oracle Solaris Resource Management Error Vulnerability
Oracle Solaris is a Unix-like operating system developed by Oracle. A file system component vulnerability exists in Oracle Solaris version 11 that stems from a flaw in the system privilege validation mechanism. An attacker could use this vulnerability to cause a complete denial of service sustain...
EUVD-2021-11830
Malware in sbrugna...
EUVD-2020-3818
Malware in sbrugna...
EUVD-2021-10300
Malware in sbrugna...
EUVD-2021-28217
Malicious code in bioql PyPI...
EUVD-2023-29053
Malicious code in bioql PyPI...
EUVD-2023-26591
Malicious code in bioql PyPI...
EUVD-2022-15730
Malicious code in bioql PyPI...
EUVD-2025-27599
Malicious code in bioql PyPI...
EUVD-2023-27668
Malicious code in bioql PyPI...
CVE-2025-50892
The eudskacs.sys driver version 20250328 shipped with EaseUs Todo Backup 1.2.0.1 fails to properly validate privileges for I/O requests IRPMJREAD/IRPMJWRITE sent to its device object. This allows a local, low-privileged attacker to perform arbitrary raw disk reads and writes, leading to sensitive...
Mattermost Permission Issues Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to access team invitation IDs...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to access team invitation IDs...
CVE-2023-22428
Improper privilege validation in Command Centre Server allows authenticated operators to modify Division lineage. This issue affects Command Centre: vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to vEL8.60.2347 MR6, vEL8.50 prior to vEL8.50.2831MR8, vEL8.40 a...
CVE-2023-23568
Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Personal Data Fields. This issue affects Command Centre: vEL 8.90 prior to vEL8.90.1318 MR1, vEL8.80 prior to vEL8.80.1192 MR2, vEL8.70 prior to vEL8.70.2185 MR4, vEL8.60 prior to...
CVE-2021-41066
An issue was discovered in Listary through 6. When Listary is configured as admin, Listary will not ask for permissions again if a user tries to access files on the system from Listary itself it will bypass UAC protection; there is no privilege validation of the current user that runs via Listary...
CVE-2021-25059
The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site such as subscriber to download a full copy of the website...
CVE-2020-11464
An issue was discovered in Deskpro before 2019.8.0. The /api/people endpoint failed to properly validate a user's privilege, allowing an attacker to retrieve sensitive information about all users registered on the system. This includes their full name, privilege, email address, phone number, etc...
CVE-2020-11463
An issue was discovered in Deskpro before 2019.8.0. The /api/emailaccounts endpoint failed to properly validate a user's privilege, allowing an attacker to retrieve cleartext credentials of all helpdesk email accounts, including incoming and outgoing email credentials. This enables an attacker to...