6 matches found
EUVD-2026-38465
NanoClaw before 2.1.17 contains a privilege escalation vulnerability in the createagent delivery-action handler that performs privileged central-database writes without host-side authorization checks. Confined agent containers can invoke createagent to create arbitrary agent groups, container...
EUVD-2015-8668
Malware in sbrugna...
Improper Authorization lead a user add an arbitrary agent into Team
Description A Vulnerability in edit team function lead an user add another user via ID to Team, alternatively know the email of every user in Chatwoot Step to reproduce - login to the app -navigate to the Team setting: https://app.chatwoot.com/app/accounts/id/settings/teams/list -Create new or ed...
Wacom driver elevation of privilege vulnerability
Wacom driver is a driver for connecting and managing platform computers. An input validation error vulnerability exists in the 'startLaunchDProcess' and 'stopLaunchDProcess' functions in the Wacom driver. The vulnerability stems from the network system or product not properly validating input dat...
Directory traversal
Directory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection SES:CSP 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices SES:CSP 6.5.0 before MP1, Critical System Protection SCSP before 5.2.9 MP6,...
rhpki-ra: improper authorization checks in Cerificate System's Registration Authority
agent/request/op.cgi in the Registration Authority RA component in Red Hat Certificate System RHCS 7.3 and Dogtag Certificate System allows remote authenticated users to approve certificate requests queued for arbitrary agent groups via a modified request ID field...