CVE-2025-31420
Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum wpforo allows Privilege Escalation. This issue affects wpForo Forum: from n/a through <= 2.4.2...
CVE-2025-2075
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to add_role and user_role functions missing proper capability checks performed through the...
CVE-2025-31420 WordPress wpForo Forum plugin <= 2.4.2 - Privilege Escalation vulnerability
Incorrect Privilege Assignment vulnerability in Tomdever wpForo Forum wpforo allows Privilege Escalation. This issue affects wpForo Forum: from n/a through <= 2.4.2...
CVE-2025-2075 Uncanny Automator <= 6.3.0.2 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 6.3.0.2. This is due to add_role and user_role functions missing proper capability checks performed through the...
WordPress plugin wpForo Forum security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
PHP security vulnerability
PHP is a scripting language that is executed server-side. A security vulnerability exists in PHP versions prior to 8.3.19 and prior to 8.4.5: a code sequence involving the __set handler or the ??= operator and exceptions could lead to a post-release...
CVE-2025-31560
Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system salon-booking-system allows Privilege Escalation. This issue affects Salon booking system: from n/a through 10.15...
CVE-2025-31560
Incorrect Privilege Assignment vulnerability in Dimitri Grassi Salon booking system allows Privilege Escalation. This issue affects Salon booking system: from n/a through 10.11...
Incorrect Privilege Assignment
Overview: Affected versions of this package are vulnerable to Incorrect Privilege Assignment that allows a Restricted Administrator user to change the password of an Administrator account and escalate privileges by taking over the Administrator account. Workaround: This vulnerability can be avoided...
PT-2025-14426 · Unknown · Dimitri Grassi Salon Booking System
Name of the Vulnerable Software and Affected Versions: Dimitri Grassi Salon booking system versions from n/a through 10.11. Description: The issue is related to an Incorrect Privilege Assignment vulnerability, which allows Privilege Escalation in the Dimitri Grassi Salon booking system...
PT-2025-14372 · Rancher · Rancher
Name of the Vulnerable Software and Affected Versions: Rancher versions 2.8.0 through 2.8.13; Rancher versions 2.9.0 through 2.9.7; Rancher versions 2.10.0 through 2.10.3. Description: A vulnerability in SUSE Rancher allows a Restricted Administrator to change the password of Administrators and take...
Incorrect Privilege Assignment
Overview: Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the runsc process, which has "root-like" permissions. An attacker can expose files on the underlying filesystem by escalating privileges before a project is forked. Remediation: Upgrade...
CVE-2024-10209
An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in B&R APROL 4.4-01 may allow an authenticated local attacker to read and alter the configuration of another engineering or runtime user...
The vulnerability of Nomad application orchestrators, related to incorrect privilege assignment, allows attackers to gain access to confidential information.
The vulnerability of Nomad application orchestrators is related to the improper assignment of privileges. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to confidential information...
The vulnerability of the cs35l41_hda_unbind() function in the ALSA kernel component of the Linux operating system allows a hacker to cause a service failure.
The vulnerability of the cs35l41_hda_unbind() function in the ALSA kernel component of the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...
Security Bulletin: IBM QRadar SIEM contains multiple vulnerabilities
Summary: IBM QRadar SIEM includes vulnerable components (e.g., framework libraries) that could be identified and exploited with automated tools. These have been addressed in the update. Vulnerability Details: CVEID: CVE-2024-10977. DESCRIPTION: PostgreSQL could provide weaker than expected security,...
Security Bulletin: IBM Robotic Process Automation is vulnerable to incorrect permission assignment
Summary: IBM Robotic Process Automation is vulnerable to incorrect permission assignment which could allow access to application configurations. Vulnerability Details: CVEID: CVE-2022-43574. DESCRIPTION: IBM Robotic Process Automation is vulnerable to incorrect permission assignment which could allow...
The vulnerability of the Lite UI user interface library used in Apache ShardingSphere ElasticJob-UI for task scheduling arises from an internal index assignment error. This error allows attackers to gain unauthorized access to protected information.
The vulnerability of the Lite UI user interface library used in the Apache ShardingSphere ElasticJob-UI task scheduling software is related to an error in the assignment of the internal interface index. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected...
CVE-2024-10209
An Incorrect Permission Assignment for Critical Resource vulnerability in the file system used in B&R APROL 4.4-01 may allow an authenticated local attacker to read and alter the configuration of another engineering or runtime user...