CVE-2026-2311

CVE-2026-2311 affects IBM i releases 7.6, 7.5, 7.4, 7.3, and 7.2. The root cause is an invalid authorization check in the IBM i Web Administration GUI, enabling privilege escalation where a malicious actor could cause user‑controlled code to execute with administrator privileges. Impact is high (...

CVE-2026-2311 IBM i is affected by a privilege escalation vulnerability in Web Administration GUI []

IBM i 7.6, 7.5, 7.4, 7.3, and 7.2 s vulnerable to privilege escalation caused by an invalid IBM i Web Administration GUI authorization check. A malicious actor could cause user-controlled code to run with administrator privilege...

Security Bulletin: IBM i is affected by a privilege escalation vulnerability in Web Administration GUI [CVE-2026-2311]

Summary Web Administration GUI for IBM i is vulnerable to privilege escalation caused by an invalid authorization check as described in the vulnerability details section. Vulnerability Details CVEID:CVE-2026-2311 DESCRIPTION: IBM i is vulnerable to privilege escalation caused by an invalid IBM i...

EUVD-2008-5400

Malware in sbrugna...

EUVD-2008-5399

Malware in sbrugna...

EUVD-2008-4320

Malware in sbrugna...

CVE-2021-28827

CVE-2021-28827 describes a stored cross-site scripting vulnerability in the Administration GUI components of TIBCO Administrator - Enterprise Edition (including Silver Fabric distributions) and TIBCO Runtime Agent (and z/Linux variants). The issue allows an unauthenticated attacker, via social en...

CVE-2020-3229

CVE-2020-3229 affects Cisco IOS XE Web UI RBAC: an incorrect RBAC handling in the admin GUI may allow a Read-Only authenticated attacker to execute commands or configuration changes as Admin by sending a modified HTTP request. Root cause: RBAC handling flaw in the Web UI. Affected product family:...

CVE-2020-3229 Cisco IOS XE Software Web UI Privilege Escalation Vulnerability

A vulnerability in Role Based Access Control RBAC functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. The vulnerability is due to incorrect handling of RBAC for the administrati...

CVE-2017-10400

Vulnerability in the Oracle GlassFish Server component of Oracle Fusion Middleware subcomponent: Administration Graphical User Interface. The supported version that is affected is 3.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Improper access control

The Administration GUI in the web framework in Cisco Unified Communications Domain Manager CDM in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID...

CVE-2014-2197

The Administration GUI in the web framework in Cisco Unified Communications Domain Manager CDM in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID...

CVE-2014-3282

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive number-translation information by leveraging Location Administrator...

Improper access control

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive number-translation information by leveraging Location Administrator...

Improper access control

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote attackers to enumerate account names via a crafted URL, aka Bug IDs CSCun39631 and CSCun39643...

Improper access control

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive user and group information by leveraging Location Administrator privileg...

CVE-2014-3282

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive number-translation information by leveraging Location Administrator...

CVE-2014-3279

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote attackers to enumerate account names via a crafted URL, aka Bug IDs CSCun39631 and CSCun39643...

CVE-2014-3277

The Administration GUI in the web framework in VOSS in Cisco Unified Communications Domain Manager CDM 9.0.1 and earlier does not properly implement access control, which allows remote authenticated users to obtain sensitive user and group information by leveraging Location Administrator privileg...

CVE-2008-5423

Sun Sun Ray Server Software 3.x and 4.0 and Sun Ray Windows Connector 1.1 and 2.0 expose the LDAP password during a configuration step, which allows local users to discover the Sun Ray administration password, and obtain admin access to the Data Store and Administration GUI, via unspecified vecto...