CVE-2025-30369

Zulip is an open-source team collaboration tool. The API for deleting an organization custom profile field is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any...

CVE-2025-30369 Zulip allows the deletion of Custom profile fields by administrators of a different organization

Zulip is an open-source team collaboration tool. The API for deleting an organization custom profile field is supposed to be restricted to organization administrators, but its handler failed to check that the field belongs to the same organization as the user. Therefore, an administrator of any...

Linux Distros Unpatched Vulnerability : CVE-2016-8669

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The serialupdateparameters function in hw/char/serial.c in QEMU aka Quick Emulator allows local guest OS administrators to cause a denial of service...

CVE-2024-57434

macrozheng mall-tiny 1.0.1 is vulnerable to Incorrect Access Control. The project imports users by default, and the test user is made a super administrator...

CVE-2022-4142

The WordPress Filter Gallery Plugin WordPress plugin before 0.1.6 does not properly escape the filters passed in the ufggalleryfilters ajax action before outputting them on the page, allowing a high privileged user such as an administrator to inject HTML or javascript to the plugin settings page,...

WEM agent not launching for administrators

No settings are going into place upon login...

CVE-2001-0290

Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords...