ROS-20250829-06

Vault Enterprise and Vault Community Edition enterprise data archiving platforms have a vulnerability due to incorrect privilege assignment. Edition is related to incorrect privilege assignment. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges to ro...

CVE-2025-48348

Incorrect Privilege Assignment vulnerability in chandrashekharsahu Site Offline site-offline allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Offline: from n/a through = 1.5.7...

CVE-2025-49388

CVE-2025-49388 affects WordPress Miraculous Core Plugin up to version 2.0.7, where an Incorrect Privilege Assignment allows Privilege Escalation. The CVE details indicate the vulnerability originates from the plugin’s privilege assignment logic, impacting all affected builds (n/a–2.0.7) with high...

WordPress plugin Miraculous Core Plugin 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

JetBrains IDE Services 安全漏洞

JetBrains IDE Services is a software from the Czech company JetBrains for managing JetBrains' development tools and AI features. A security vulnerability exists in JetBrains IDE Services versions prior to 2025.5.0.1086 and prior to 2025.4.2.2164, which stems from an improper assignment of...

PT-2025-35036

Name of the Vulnerable Software and Affected Versions: Miraculous Core Plugin versions through 2.0.7 Description: An incorrect privilege assignment exists in the Miraculous Core Plugin, allowing for privilege escalation. Recommendations: Update Miraculous Core Plugin to a version later than 2.0.7...

PT-2025-35017

Name of the Vulnerable Software and Affected Versions: chandrashekharsahu Site Offline versions n/a through 1.5.7 Description: An incorrect privilege assignment exists in Site Offline, allowing exploitation of incorrectly configured access control security levels. Recommendations: Update Site...

ROS-20250828-06

A vulnerability in the Verify component of the Go programming language is related to incorrect assignment of permissions for a critical resource. a critical resource. Exploitation of the vulnerability could allow a remote attacker to bypass existing security restrictions. existing security...

CVE-2025-43729

Dell ThinOS 10 is affected by an Elevation of Privileges vulnerability due to Incorrect Permission Assignment for a Critical Resource. Affected versions are prior to 2508_10.0127. Local, low-privilege attackers could exploit this to gain unauthorized access. The issue is mitigated by upgrading De...

CVE-2025-43729

Dell ThinOS 10, versions prior to 250810.0127, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Elevation of Privileges and Unauthorized Access...

CVE-2025-43729

Dell ThinOS 10, versions prior to 250810.0127, contains an Incorrect Permission Assignment for Critical Resource vulnerability. A local low-privileged attacker could potentially exploit this vulnerability leading to Elevation of Privileges and Unauthorized Access...

DELL iDRAC Service Module Code Execution Vulnerability

The DELL iDRAC Service Module is a lightweight software service on Dell servers that is primarily used to enhance the functionality of iDRAC Integrated Dell Remote Control Card and improve server management efficiency by consolidating operating system information. A code execution vulnerability...

PT-2025-34867

Name of the Vulnerable Software and Affected Versions: Dell ThinOS versions prior to 2508 10.0127 Description: Dell ThinOS 10 contains an Incorrect Permission Assignment for Critical Resource. A local low-privileged attacker could potentially exploit this issue, leading to Elevation of Privileges...

ROS-20250826-05

A vulnerability in the DBI module of the Perl DBI database interface is related to improper assignment of permissions to a a critical resource. Exploitation of the vulnerability allows an attacker to gain access to sensitive data, as well as cause a denial of service...

Incorrect Permission Assignment for Critical Resource

Overview Affected versions of this package are vulnerable to Incorrect Permission Assignment for Critical Resource via storeAddContentPortletPreferences. An attacker can enumerate all tenants of a virtual instance by adding pages outside the default or main virtual instance and creating a list of...

CVE-2025-54735

Incorrect Privilege Assignment vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Privilege Escalation.This issue affects CubeWP: from n/a through = 1.1.24...

CVE-2025-48165

Incorrect Privilege Assignment vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Privilege Escalation.This issue affects DELUCKS SEO: from n/a through = 2.6.0...

CVE-2025-48142

Incorrect Privilege Assignment vulnerability in Saad Iqbal Bookify bookify allows Privilege Escalation.This issue affects Bookify: from n/a through = 1.0.9...

CVE-2025-53580

Incorrect Privilege Assignment vulnerability in quantumcloud Simple Business Directory Pro simple-business-directory-pro allows Privilege Escalation.This issue affects Simple Business Directory Pro: from n/a through 15.6.9...

CVE-2025-48164

Incorrect Privilege Assignment vulnerability in Brainstorm Force SureDash suredash allows Privilege Escalation.This issue affects SureDash: from n/a through = 1.0.3...