9 matches found
CVE-2025-31877 WordPress RestroPress plugin <= 3.2.8 - Broken Access Control vulnerability
Missing Authorization vulnerability in Magnigenie RestroPress restropress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects RestroPress: from n/a through <= 3.2.8...
Privilege escalation
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. An authenticated SD-WAN Orchestrator user may exploit an application weakness and call a vulnerable API to elevate their...
Vmware VMWare SD-WAN Orchestrator Authorization Issues Vulnerability
Vmware VMWare SD-WAN Orchestrator is a software from Vmware that orchestrates network data flows in a software-defined network architecture. The software provides Web pages to visually manage users, gateways, and authentication. An authorization issue vulnerability exists in VMware SD-WAN...
IDOR can reveal execution data and logs to unauthorized user in Rundeck
Impact Authenticated users can craft a request that reveals Execution data and logs and Job details that they are not authorized to see. Depending on the configuration and the way that Rundeck is used, this could result in anything between a high severity risk, or a very low risk. If access is...
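Stulz GmbH Stulz WIB 8000 weak passwords
This web interface has 3 default passwords that require no username and grant different levels of control. 1. ganymed -- highest control level, administrator privileges 2. kallisto -- medium control level, read and write access, limited to the information and operation levels. 3. europa -- low-level privileges, read-only, limited to the information and operation levels. Weak passwords: ganymed – highest authorization, administrator kallisto – medium authorization, read and write, only levels “Info” and “Operate” europa – lowest...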
Oracle Solaris Critical Patch Update : july2013_SRU5_5
This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: SMF/File Locking Services. Supported versions that are affected are 8, 9, 10 and 11. Easily exploitable...
Oracle Database 10g - XML DB xdb.xdb_pitrig_pkg Package PITRIG_TRUNCATE Function Overflow
source: https://www.securityfocus.com/bid/27229/info Oracle has released its critical patch update for January 2008. The advisory addresses 26 vulnerabilities affecting Oracle Database, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite, Oracle Enterprise Manager, and...
Oracle Database - SQL Compiler Views Unauthorized Manipulation
source: https://www.securityfocus.com/bid/24887/info Oracle has released a Critical Patch Update advisory for July 2007 to address multiple vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected...
Oracle January 2007 Security Update - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/22083/info Oracle has released a Critical Patch Update advisory for January 2007 to address these vulnerabilities for supported releases. Earlier unsupported releases are likely to be affected by these issues as well. The issues identified by the vendor...