CVE-2024-54383

Incorrect Privilege Assignment vulnerability in wpweb WooCommerce PDF Vouchers woocommerce-pdf-vouchers allows Privilege Escalation.This issue affects WooCommerce PDF Vouchers: from n/a through 4.9.9...

CVE-2024-54229

Incorrect Privilege Assignment vulnerability in straightvisions GmbH SV100 Companion sv100-companion allows Privilege Escalation.This issue affects SV100 Companion: from n/a through = 2.0.02...

CVE-2024-54365

CVE-2024-54365: KH Easy User Settings suffers an Authenticated Privilege Escalation (Authenticated Subscriber+) caused by Incorrect Privilege Assignment, affecting KH Easy User Settings up to version 1.0.0. CVSS v3.1 base score 8.8 (HIGH); impacts: confidentiality, integrity, and availability. Af...

PT-2024-36107 · Unknown · Sv100 Companion

Name of the Vulnerable Software and Affected Versions: SV100 Companion versions n/a through 2.0.02 Description: The issue is related to an Incorrect Privilege Assignment, which allows Privilege Escalation. This can lead to unauthorized access and control. Recommendations: For versions n/a through...

WordPress plugin SV100 Companion 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-36251 · Unknown · Halim Kh Easy User Settings

Name of the Vulnerable Software and Affected Versions: Halim KH Easy User Settings versions n/a through 1.0.0 Description: The issue is related to an Incorrect Privilege Assignment, which allows Privilege Escalation. Recommendations: For Halim KH Easy User Settings versions n/a through 1.0.0, at...

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming software lies in the improper assignment of permissions for critical resources, allowing a perpetrator to gain unauthorized access to protected information.

The vulnerability of the I-O Data Device UD-LT1 and UD-LT1/EX router microprogramming software is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...

CVE-2024-54293

Incorrect Privilege Assignment vulnerability in CE21 CE21 Suite ce21-suite allows Privilege Escalation.This issue affects CE21 Suite: from n/a through = 2.2.0...

CVE-2024-54293

CVE-2024-54293 is an authenticated-privilege-escalation issue reported in the CE21 Suite (CE21 CE21 Suite) affecting versions from n/a up to 2.2.0. The vulnerability allows privilege escalation without authentication. The CVSS score in the initial report is 9.8 (Network, High confidentiality/inte...

PT-2024-36174 · Unknown · Ce21 Suite

Name of the Vulnerable Software and Affected Versions: CE21 Suite versions n/a through 2.2.0 Description: The issue is related to an Incorrect Privilege Assignment vulnerability, which allows Privilege Escalation in CE21 Suite. Recommendations: For versions n/a through 2.2.0, at the moment, there...

WordPress plugin CE21 Suite 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

Important: postgresql15

Issue Overview: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query...

Important: postgresql16

Issue Overview: Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction between row security and user ID changes. They missed cases where a subquery, WITH query...

G DATA Total Security Incorrect Permission Assignment Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of G DATA Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling o...

The vulnerability of the i40e component in the Linux operating system allows a hacker to trigger a service failure.

The vulnerability of the i40e component in the Linux operating system is related to the assignment of the NULL pointer. Exploiting this vulnerability can allow an attacker to cause a service failure...

CVE-2024-8256 Incorrect Permission Assignment in RutOS based routers and TSWOS based managed switches

In Teltonika Networks RUTOS devices, running on versions 7.0 to 7.8 excluding and TSWOS devices running on versions 1.0 to 1.3 excluding, due to incorrect permission handling a vulnerability exists which allows a lower privileged user with default permissions to access critical device resources v...

CVE-2024-45841

Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained...

CVE-2024-45841

Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained...

CVE-2024-45841

CVE-2024-45841 affects I-O DATA UD-LT1 and UD-LT1/EX routers. The issue is an incorrect permission assignment for a critical resource (CWE-732) that lets a user with a guest account read sensitive files, including credentials. JVN/CVE records and vendor notices confirm this vulnerability and indi...

CVE-2024-45841

Incorrect permission assignment for critical resource issue exists in UD-LT1 firmware Ver.2.1.9 and earlier and UD-LT1/EX firmware Ver.2.1.9 and earlier. If an attacker with the guest account of the affected products accesses a specific file, the information containing credentials may be obtained...