26 matches found
CVE-2026-29205
Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpoints...
CVE-2026-29205
Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpoints...
CVE-2026-29205
Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpoints...
EUVD-2021-18718
Malware in sbrugna...
EUVD-2025-12338
Malicious code in bioql PyPI...
CVE-2021-31843
Improper privileges management vulnerability in McAfee Endpoint Security ENS Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended locatio...
CVE-2019-25071 Apple iOS Siri Self privileges management
A vulnerability was found in Apple iPhone up to 12.4.1. It has been declared as critical. Affected by this vulnerability is Siri. Playing an audio or video file might be able to initiate Siri on the same device which makes it possible to execute commands remotely. Exploit details have been...
CVE-2017-20080 Hindu Matrimonial Script googleads.php privileges management
A vulnerability, which was classified as critical, has been found in Hindu Matrimonial Script. Affected by this issue is some unknown functionality of the file /admin/googleads.php. The manipulation leads to improper privilege management. The attack may be launched remotely. The exploit has been...
CVE-2017-20079 Hindu Matrimonial Script photo.php privileges management
A vulnerability classified as critical was found in Hindu Matrimonial Script. Affected by this vulnerability is an unknown functionality of the file /admin/photo.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclosed to th...
CVE-2017-20075 Hindu Matrimonial Script payment.php privileges management
A vulnerability was found in Hindu Matrimonial Script. It has been classified as critical. This affects an unknown part of the file /admin/payment.php. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely. The exploit has been disclosed to the...
CVE-2017-20073 Hindu Matrimonial Script cms.php privileges management
A vulnerability has been found in Hindu Matrimonial Script and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/cms.php. The manipulation leads to improper privilege management. The attack can be launched remotely. The exploit has been disclose...
CVE-2017-20071 Hindu Matrimonial Script renewaldue.php privileges management
A vulnerability, which was classified as critical, has been found in Hindu Matrimonial Script. This issue affects some unknown processing of the file /admin/renewaldue.php. The manipulation leads to improper privilege management. The attack may be initiated remotely. The exploit has been disclose...
CVE-2017-20070 Hindu Matrimonial Script communitymanagement.php privileges management
A vulnerability classified as critical was found in Hindu Matrimonial Script. This vulnerability affects unknown code of the file /admin/communitymanagement.php. The manipulation leads to improper privilege management. The attack can be initiated remotely. The exploit has been disclosed to the...
CVE-2020-36549 GE Voluson S8 Windows Operating System Patches privileges management
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed...
CVE-2020-36549 GE Voluson S8 Windows Operating System Patches privileges management
A vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed...
CVE-2017-20028 HumHub privileges management
A vulnerability was found in HumHub 0.20.1/1.0.0-beta.3. It has been classified as critical. This affects an unknown part. The manipulation leads to privilege escalation. It is possible to initiate the attack remotely. Upgrading to version 1.0.0 is able to address this issue. It is recommended to...
CVE-2020-36542 Demokratian install3.php privileges management
A vulnerability classified as critical has been found in Demokratian. This affects an unknown part of the file install/install3.php. The manipulation leads to privilege escalation. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. It is...
The vulnerability of the Windows Event Tracing service allows attackers to escalate their privileges.
The vulnerability of the Windows Event Tracing service is related to the insecure management of privileges. Exploiting this vulnerability can allow an attacker to enhance their privileges...
The vulnerability of the Windows AppContracts API Server component of the Windows operating system, related to insecure management of privileges, allows a perpetrator to escalate their privileges.
The vulnerability of the Windows AppContracts API Server component of the operating system is related to insecure management of privileges. Exploiting this vulnerability could allow an attacker to enhance their privileges...
CVE-2021-31843
Improper privileges management vulnerability in McAfee Endpoint Security ENS Windows prior to 10.7.0 September 2021 Update allows local users to access files which they would otherwise not have access to via manipulating junction links to redirect McAfee folder operations to an unintended locatio...