EUVD-2026-31460

Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 through...

CVE-2026-5171

Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 through...

CVE-2026-21694

Titra is open source project time tracking software. Versions 0.99.49 and below have Improper Access Control, allowing users to view and edit other users' time entries in private projects they have not been granted access to. This issue is fixed in version 0.99.50...

EUVD-2024-30801

Malicious code in bioql PyPI...

EUVD-2022-7389

Malicious code in bioql PyPI...

CVE-2025-47962

Improper access control in Windows SDK allows an authorized attacker to elevate privileges locally...

CVE-2021-32559

An integer overflow exists in pywin32 prior to version b301 when adding an access control entry ACE to an access control list ACL that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from not properly updating the A/D bits of the guest PTE, which could result in accessing the wrong PFN...

ZOHO ManageEngine ADAudit Plus 安全漏洞

ZOHO ManageEngine ADAudit Plus is ZOHO's solution for simplifying audits, proving compliance and detecting threats. ZOHO ManageEngine ADAudit Plus prior to version 8000 suffers from a SQL injection vulnerability that can be exploited by an attacker to execute custom queries and access database...

SUSE CVE-2024-35874

In the Linux kernel, the following vulnerability has been resolved: aio: Fix null ptr deref in aiocomplete wakeup listdelinitcareful needs to be the last access to the wait queue entry - it effectively unlocks access. Previously, finishwait would see the empty list head and skip taking the lock,...

CVE-2023-5575

Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent...

Devolutions Remote Desktop Manager 安全漏洞

Devolutions Remote Desktop Manager is an application from Devolutions Canada. It provides remote desktop management functionality. A security vulnerability exists in Devolutions Remote Desktop Manager version 2023.1.22 and prior versions, which stems from improper access control of the Web login...

CVE-2019-13233

In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modifyldt and a BR exception for an MPX bounds violation...

Critical Path InJoin Directory Server 4.0 - File Disclosure

Critical Path InJoin Directory Server 4.0 - File Disclosure source: https://www.securityfocus.com/bid/4718/info Critical Path provides an LDAP Lightweight Directory Access Protocol Directory Server called InJoin. InJoin Directory Server is provided for Microsoft Windows operating systems and Unix...