EUVD-2026-30049

The Claude Desktop app gives you Claude Code with a graphical interface built for running multiple sessions side by side. Prior to 1.3834.0, the CoworkVMService component in Claude Desktop for Windows ran as SYSTEM and did not validate whether the VM bundle directory was a real directory or an NT...

IBM Aspera Shares 安全漏洞

IBM Aspera Shares is an enterprise-class file sharing and collaboration platform that provides a Web user interface and content management capabilities. A stored cross-site scripting vulnerability exists in IBM Aspera Shares. The vulnerability occurs due to a failure of the system to effectively...

CVE-2026-1232

A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...

EUVD-2026-5113

A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...

CVE-2026-1232 Anti-Tamper Bypass in BeyondTrust Privilege Management for Windows

A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...

CVE-2026-1232 Anti-Tamper Bypass in BeyondTrust Privilege Management for Windows

A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions =25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected...

Private Internet Access 代码问题漏洞

Private Internet Access PIA is a VPN software from Private Internet Access, Inc. A code issue vulnerability exists in Private Internet Access PIA version 3.3, which stems from the presence of unquoted paths in the service configuration that could lead to the execution of arbitrary code by a local...

CVE-2024-2659

A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an authenticated user with elevated privileges to execute system commands when performing a specific administrative function...

CVE-2025-46364

Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system...

EUVD-2019-2434

Malware in sbrugna...

EUVD-2018-3491

Malware in sbrugna...

EUVD-2023-31598

Malicious code in bioql PyPI...

EUVD-2025-24681

Malicious code in bioql PyPI...

EUVD-2023-54695

Malicious code in bioql PyPI...

CVE-2025-48860

A vulnerability in the web application of the ctrlX OS setup mechanism facilitated an authenticated low privileged attacker to gain remote access to backup archives created by a user with elevated permissions. Depending on the content of the backup archive, the attacker may have been able to acce...

CVE-2025-2503

Vulnerability scope: Lenovo PC Manager contains an improper permission handling vulnerability that could allow a local attacker to perform arbitrary file deletions as an elevated user. The issue is local in scope with low attack complexity and requires low privileges, and it impacts integrity and...

Incorrect Authorization

Overview org.wso2.is:identity-server-parent is an open source Identity and Access Management solution federating and managing identities across both enterprise and cloud service environments. Affected versions of this package are vulnerable to Incorrect Authorization due to a business logic flaw ...

CVE-2023-27863

IBM Spectrum Protect Plus Server 10.1.13, under specific configurations, could allow an elevated user to obtain SMB credentials that may be used to access vSnap data stores. IBM X-Force ID: 249325...

CVE-2021-23012

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x before 13.1.4, lack of input validation for items used in the system support functionality may allow users granted either "Resource Administrator" or "Administrator" roles to execute arbitrary bash...

Inedo ProGet 安全漏洞

Inedo ProGet is a package management system from Inedo. A security vulnerability exists in Inedo ProGet versions prior to 2.17.5, which stems from the possibility that device activation data could be downloaded as a CSV file by an elevated privileged user and cause damage to the PC, allowing an...