CVE-2024-41932

In the Linux kernel, the following vulnerability has been resolved: sched: fix warning in schedsetaffinity Commit 8f9ea86fdf99b added some logic to schedsetaffinity that included a WARN when a per-task affinity assignment races with a cpuset update. Specifically, we can have a race where a cpuset...

CVE-2024-13251

Incorrect Privilege Assignment vulnerability in Drupal Registration role allows Privilege Escalation.This issue affects Registration role: from 0.0.0 before 2.0.1...

CVE-2024-13248

Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before 2.1.0...

CVE-2024-13248 Private content - Moderately critical - Access bypass - SA-CONTRIB-2024-012

Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before 2.1.0...

CVE-2024-13248 Private content - Moderately critical - Access bypass - SA-CONTRIB-2024-012

Incorrect Privilege Assignment vulnerability in Drupal Private content allows Target Influence via Framing.This issue affects Private content: from 0.0.0 before 2.1.0...

CVE-2024-13248

CVE-2024-13248 is a privilege-assignment flaw in Drupal Private content (SA-CONTRIB-2024-012). The vulnerability arises from incorrect permission handling when private content is framed, enabling target influence and an access bypass for content in versions before 2.1.0. Affected product: Drupal ...

Drupal 安全漏洞

Drupal is an open source content management system developed in the PHP language by the Drupal community. A security vulnerability exists in Drupal Registration role prior to version 2.0.1, which stems from the inclusion of a privilege assignment error vulnerability...

CVE-2024-49644

Incorrect Privilege Assignment vulnerability in AllAccessible Accessibility by AllAccessible allaccessible allows Privilege Escalation.This issue affects Accessibility by AllAccessible: from n/a through = 1.3.4...

WordPress plugin Accessibility by AllAccessible 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...

PT-2025-3243 · Wpguppy · Wpguppy

Name of the Vulnerable Software and Affected Versions: WPGuppy versions 1.1.0 and earlier Description: The issue is related to an incorrect privilege assignment in WPGuppy, allowing privilege escalation. Recommendations: For versions 1.1.0 and earlier, update to a version that fixes the incorrect...

CVE-2024-47475

Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to denial of service...

CVE-2024-47475

Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to denial of service...

CVE-2024-47475

Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to denial of service...

CVE-2024-47475

Dell PowerScale OneFS 8.2.2.x through 9.8.0.x contains an incorrect permission assignment for critical resource vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to denial of service...

CVE-2024-47475

CVE-2024-47475 affects Dell PowerScale OneFS 8.2.2.x through 9.8.0.x due to an incorrect permission assignment for a critical resource. A locally authenticated attacker could exploit this to cause a denial of service. Public sources consistently describe the issue as a local-privilege/vulnerabili...

The vulnerability of the Kubernetes cluster management system for running cloud applications across multiple Karmada clusters, related to incorrect privilege assignment, allows a hacker to elevate their privileges.

The vulnerability of the Kubernetes cluster management system for running cloud applications across multiple Karmada clusters is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to enhance their privileges remotely...

CVE-2024-11716

While assignment of a user to a team bracket in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing. This issue impacts releas...

CVE-2024-11716

While assignment of a user to a team bracket in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing. This issue impacts releas...

PT-2025-30791

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the DisplayPort Alt Mode functionality within the Linux kernel. A maliciously crafted port partner can report pin assignment capabilities exceeding the defined maximum...

CVE-2024-55955

An incorrect permissions assignment vulnerability in Trend Micro Deep Security 20.0 agents between versions 20.0.1-9400 and 20.0.1-23340 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged...