20 matches found
PT-2025-38076
Name of the Vulnerable Software and Affected Versions: Ilevia EVE X1/X5 Server versions prior to 4.7.18.0.eden Description: The Ilevia EVE X1/X5 Server authentication mechanism has a flaw where unsanitized input is passed to a system call during authentication. This allows attackers to inject speci...
CVE-2023-0963
A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file Users.php of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The...
The vulnerability of the Login module in Drupal CMS systems, related to deficiencies in authentication procedures, allows attackers to bypass existing security restrictions.
The vulnerability of the Login module in Drupal CMS systems is related to deficiencies in authentication procedures. Exploiting this vulnerability allows attackers to bypass existing security restrictions remotely...
PT-2024-10092 · Drupal · Drupal +1
Name of the Vulnerable Software and Affected Versions: Drupal Pages Restriction Access versions 2.0.0 through 2.0.2 Description: The issue is related to an incorrect authorization mechanism in the Pages Restriction Access module of the Drupal CMS system. This allows a remote attacker to bypass...
The vulnerability of the Apache Hadoop distributed development and execution platform, related to the improper assignment of permissions for files, allows a hacker to circumvent access restrictions on files.
The vulnerability of the Apache Hadoop distributed development and execution platform is related to the improper assignment of permissions for files. Exploiting this vulnerability allows a malicious actor to circumvent restrictions on file access remotely...
PT-2023-3121 · Microsoft · Windows Smb Witness Service +1
Name of the Vulnerable Software and Affected Versions: Windows SMB Witness Service affected versions not specified Description: The issue is related to errors in security settings, allowing a remote attacker to bypass access checks to RPC procedures using a specially crafted script. This can affe...
SUSE CVE-2011-5063
The HTTP Digest Access Authentication implementation in Apache Tomcat 5.5.x before 5.5.34, 6.x before 6.0.33, and 7.x before 7.0.12 does not check realm values, which might allow remote attackers to bypass intended access restrictions by leveraging the availability of a protection space with weak...
CVE-2021-29215
A potential security vulnerability in HPE Ezmeral Data Fabric that may allow a remote access restriction bypass in the TEZ MapR ecosystem component was discovered in versions: Prior to Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; prior to Tez-0.9: mapr-tez-0.9.201907090334-1.noarch; prior to...
HPE Ezmeral Data Fabric Security Vulnerability
HPE Ezmeral Data Fabric is a data fabric from Hewlett-Packard (HPE) in the United States that combines S3 native objects, files, streams, and databases into a single scalable data platform. A security vulnerability exists in the HPE Ezmeral Data Fabric that could allow bypassing remote access...
CVE-2019-11653
Remote Access Control Bypass in Micro Focus Content Manager, versions 9.1, 9.2, 9.3. The vulnerability could be exploited to manipulate data stored during another user’s CheckIn request...
CVE-2017-17434
The daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, does not check for fnamecmp filenames in the daemon_filter_list data structure in the recv_files function in receiver.c and also does not apply the sanitize_paths protection mechanism to pathnames found in "xname follows" strings in...
rsync access restriction bypass vulnerability (CNVD-2018-00212)
rsync is a data mirroring backup application for Unix-like systems developed by Australian software developers Andrew Tridgell and Paul Mackerras that synchronizes file and directory updates between two computers and uses differential encoding to reduce data transfers. A security vulnerability in...
Multiple SUSE Products SuSEfirewall2 Package Security Bypass Vulnerability
SUSE Linux Enterprise SLE Desktop and others are products of SUSE Corporation, U.S.A. SUSE Linux Enterprise SLE Desktop is an enterprise Linux desktop edition system. SLE Server is a server edition Linux system. SuSEfirewall2 package is one of the packages with network data filtering. A security...
CVE-2016-3012
IBM API Connect aka APIConnect before 5.0.3.0 with NPM before 2.2.8 includes certain internal server credentials in the software package, which might allow remote attackers to bypass intended access restrictions by leveraging knowledge of these credentials...
CVE-2016-3985
The Terminal Services Remote Desktop Protocol RDP client session restrictions feature in Pulse Connect Secure aka PCS 8.1R7 and 8.2R1 allows remote authenticated users to bypass intended access restrictions via unspecified vectors...
Apple OS X Server Access Restriction Bypass Vulnerability
Apple OS X Server is a UNIX server operating tool. An access restriction bypass vulnerability exists in Apple OS X Server. A remote attacker could exploit this vulnerability to bypass targeted access restrictions...
The vulnerability of Adobe Acrobat DC, a PDF editing software, allows a hacker to circumvent existing access restrictions.
The vulnerability of the Adobe Acrobat DC PDF editing program is related to lack of access control mechanisms. Exploiting this vulnerability could allow a malicious actor to circumvent existing access restrictions remotely...
The vulnerability of the Acrobat text viewing program allows a violator to circumvent access restrictions.
The vulnerability of the Acrobat text viewing program arises when using the JavaScript API, and it could allow a malicious actor to circumvent current access control regulations remotely...
DEBIAN-CVE-2011-2166
script-login in Dovecot 2.0.x before 2.0.13 does not follow the user and group configuration settings, which might allow remote authenticated users to bypass intended access restrictions by leveraging a script...
PT-2006-3507 · Edimax · Edimax Br-6104K
Name of the Vulnerable Software and Affected Versions: Edimax BR-6104K router affected versions not specified Description: The issue allows remote attackers to bypass access restrictions and conduct unauthorized operations. This is achieved via a UPnP request with a modified InternalClient...