CVE-2025-64634

Missing Authorization vulnerability in ThemeFusion Avada avada allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Avada: from n/a through = 7.13.2...

CVE-2025-57983 WordPress BP Disable Activation Reloaded Plugin <= 1.2.1 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Damian BP Disable Activation Reloaded bp-disable-activation-reloaded allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects BP Disable Activation Reloaded: from n/a through = 1.2.1...

Code injection

SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7965...

CVE-2016-10072

WampServer 3.0.6 has two files called 'wampmanager.exe' and 'unins000.exe' with a weak ACL for Modify. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. To properly exploit this vulnerability, the local...

Code injection

Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint before 1.00.08 use weak ACLs for unspecified 1 services and 2 files, which allows local users to gain privileges by invalidating local checks...

CVE-2009-0080

The ThreadPool class in Windows Vista Gold and SP1, and Server 2008, does not properly implement isolation among a set of distinct processes that 1 all run under the NetworkService account or 2 all run under the LocalService account, which allows local users to gain privileges by leveraging...

rPSA-2007-0161-1 dovecot

rPath Security Advisory: 2007-0161-1 Published: 2007-08-14 Products: rPath Linux 1 Rating: Minor Exposure Level Classification: Remote User Deterministic Privilege Escalation Updated Versions: dovecot=/conary.rpath.com@rpl:devel//1/1.0.3-0.1-1 References: https://vulners.com/cve/CVE-2007-4211...