21 matches found
CVE-2016-10852
cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem SEC-85...
EUVD-2005-1348
Malware in sbrugna...
EUVD-2007-5546
Malware in sbrugna...
EUVD-2021-1487
Malware in sbrugna...
EUVD-2022-4378
Malicious code in bioql PyPI...
EUVD-2024-1140
Malicious code in bioql PyPI...
PT-2024-30818 · Unknown · Memberpress
Name of the Vulnerable Software and Affected Versions: Memberpress versions 1.11.34 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For versions 1.11.34 and earlier,...
PT-2024-30493 · Unknown · Plugin Notes Plus
Name of the Vulnerable Software and Affected Versions: Plugin Notes Plus versions 1.2.7 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For Plugin Notes Plus versions...
BIT-KAFKA-2024-27309
While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL continues to have two o...
CVE-2024-27309
While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL continues to have tw...
GHSA-WC8W-GH5M-62FV MoinMoin Access Restrictions Bypassed due to improper ACL enforcement
MoinMoin 1.6.2 and 1.7 does not properly enforce ACL checks when aclhierarchic is set to True, which might allow remote attackers to bypass intended access restrictions, a different vulnerability than CVE-2008-1937...
MoinMoin Improper Access Control
macroGetval in wikimacro.py in MoinMoin 1.5.8 and earlier does not properly enforce ACLs, which allows remote attackers to read protected pages. The issue has been fixed on 4a7de0173734...
CVE-2020-14196
In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced...
Design/Logic Flaw
cPanel before 11.54.0.4 lacks ACL enforcement in the AppConfig subsystem SEC-85...
CVE-2016-10852
cPanel versions prior to 11.54.0.4 are affected by a lack of ACL enforcement in the AppConfig subsystem (SEC-85). Red Hat and NVD references confirm the issue, affecting cPanel’s AppConfig handling; no explicit exploit details or fix version are provided in the connected documents. The reports de...
Scientific Linux Security Update : pacemaker on SL6.x i386/x86_64 (20150722)
A flaw was found in the way pacemaker, a cluster resource manager, evaluated added nodes in certain situations. A user with read-only access could potentially assign any other existing roles to themselves and then add privileges to other users as well. CVE-2015-1867 This update also fixes the...
CVE-2012-4430
The dumpresource function in dird/dirdconf.c in Bacula before 5.2.11 does not properly enforce ACL rules, which allows remote authenticated users to obtain resource dump information via unspecified vectors...
[SECURITY] [DSA 2558-1] bacula security update
Debian Security Advisory DSA-2558-1 http://www.debian.org/security/ Raphael Geissert October 08, 2012 http://www.debian.org/security/faq ...
CVE-2012-4737
channels/chaniax2.c in Asterisk Open Source 1.8.x before 1.8.15.1 and 10.x before 10.7.1, Certified Asterisk 1.8.11 before 1.8.11-cert7, Asterisk Digiumphones 10.x.x-digiumphones before 10.7.1-digiumphones, and Asterisk Business Edition C.3.x before C.3.7.6 does not enforce ACL rules during certa...