
5043 matches found

AlpineLinux
added 2025/01/22 5:2 p.m. · 3 views

CVE-2025-24401

Jenkins Folder-based Authorization Strategy Plugin 217.vd5b18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted typically optional permissions, like Overall/Manage to access functionality they're no longer entitle...

CVSS 6.8 · AI score 6.9 · EPSS 0.00289
Exploits 0 · References 1

Positive Technologies
added 2025/01/22 12:0 a.m. · 5 views

PT-2025-5359 · Jenkins · Jenkins Folder-Based Authorization Strategy Plugin

Name of the Vulnerable Software and Affected Versions: Jenkins Folder-based Authorization Strategy Plugin versions 217.vd5b18537403e and earlier Description: The issue potentially allows users who were formerly granted certain permissions to access functionality they are no longer entitled to,...

CVSS 6.8 · AI score 6.8 · EPSS 0.00289
Exploits 0 · References 6

ATTACKERKB
added 2025/01/21 11:15 p.m. · 5 views

CVE-2024-43765

In multiple locations, there is a possible way to obtain access to a folder due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

CVSS 7.8 · AI score 5.9 · EPSS 0.00074
Exploits 0 · References 2 · Affected Software 1

OSV
added 2025/01/21 11:15 p.m. · 3 views

CVE-2024-43765

In multiple locations, there is a possible way to obtain access to a folder due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

CVSS 7.8 · AI score 5.9 · EPSS 0.00074
Exploits 0 · References 1

Cvelist
added 2025/01/21 11:4 p.m. · 9 views

CVE-2024-43765

In multiple locations, there is a possible way to obtain access to a folder due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation...

EPSS 0.00074
Exploits 0 · References 1

CNNVD
added 2025/01/21 12:0 a.m. · 4 views

Google Android Security Vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that originates from multiple locations containing an eavesdropping hijacking/overwriting attack that can be exploited by an attacker to gain access to a...

CVSS 7.8 · AI score 7.2 · EPSS 0.00074
Exploits 0 · References 2

OSV
added 2025/01/15 5:15 a.m. · 1 views

CVE-2025-21101

Dell Display Manager, versions prior to 2.3.2.20, contain a race condition vulnerability. A local malicious user could potentially exploit this vulnerability during installation, leading to arbitrary folder or file deletion...

CVSS 6.3 · AI score 5.9 · EPSS 0.00102
Exploits 0 · References 1

OSV
added 2025/01/14 2:15 p.m. · 1 views

CVE-2024-48884

An improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.1 through 7.4.3, FortiManager Cloud 7.4.1 through 7.4.3, FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.4, FortiOS 7.2.0 through 7.2.9, FortiOS 7.0...

CVSS 9.1 · AI score 5.9 · EPSS 0.14232
Exploits 0 · References 1

OSV
added 2025/01/13 6:15 a.m. · 5 views

CVE-2024-12274

The Appointment Booking Calendar Plugin and Scheduling Plugin WordPress plugin before 1.1.23 export settings functionality exports data to a public folder, with an easily guessable file name, allowing unauthenticated attackers to access the exported files if they exist...

CVSS 7.5 · AI score 7.3
Exploits 0 · References 1

CNNVD
added 2025/01/13 12:0 a.m. · 3 views

WordPress plugin Appointment Booking Calendar Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...

CVSS 7.5 · AI score 8.2 · EPSS 0.00616
Exploits 1 · References 1

Positive Technologies
added 2025/01/13 12:0 a.m. · 4 views

PT-2025-1798 · WordPress · Appointment Booking Calendar Plugin

Name of the Vulnerable Software and Affected Versions: Appointment Booking Calendar Plugin and Scheduling Plugin versions prior to 1.1.23 Description: The export settings functionality in the Appointment Booking Calendar Plugin and Scheduling Plugin exports data to a public folder with an easily...

CVSS 7.5 · AI score 9.2 · EPSS 0.00616
Exploits 1 · References 10

Veracode
added 2025/01/09 4:32 a.m. · 7 views

Improper Access Control

nilsteampassnet/teampass is vulnerable to Improper access control. The vulnerability is due to the application failing to properly validate whether a folder belongs to the user's allowed folders list defined by an admin, allowing an attacker to bypass access restrictions and access unauthorized...

CVSS 4.3 · AI score 6.6 · EPSS 0.00322
Exploits 0 · References 5 · Affected Software 1

BDU FSTEC
added 2025/01/06 12:0 a.m. · 2 views

The vulnerability of the FactoryTalk System Services system service in the FactoryTalk Policy Manager software for manufacturing process control, related to access control deficiencies, allows an intruder to gain unauthorized access to protected information.

The vulnerability of the FactoryTalk System Services system service in the FactoryTalk Policy Manager software for manufacturing process management is related to deficiencies in access control for the backup copy folder. Exploiting this vulnerability could allow an intruder operating remotely to...

CVSS 5.9 · AI score 5.5 · EPSS 0.00176
Exploits 0 · References 3 · Affected Software 2

OSV
added 2025/01/05 4:15 p.m. · 2 views

CVE-2025-0222

A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic. This issue affects the function 0x8001E000/0x8001E004 in the library IUProcessFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be...

CVSS 5.5 · AI score 4.8 · EPSS 0.00349
Exploits 1 · References 4

OSV
added 2025/01/05 4:15 p.m. · 4 views

CVE-2025-0223

A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference...

CVSS 5.5 · AI score 4.5 · EPSS 0.00349
Exploits 1 · References 4

NVD
added 2025/01/05 4:15 p.m. · 31 views

CVE-2025-0222

A vulnerability was found in IObit Protected Folder up to 13.6.0.5 and classified as problematic. This issue affects the function 0x8001E000/0x8001E004 in the library IUProcessFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be...

CVSS 6.8 · EPSS 0.00349
Exploits 1 · References 4

NVD
added 2025/01/05 4:15 p.m. · 46 views

CVE-2025-0223

A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference...

CVSS 6.8 · EPSS 0.00349
Exploits 1 · References 4

Vulnrichment
added 2025/01/05 4:0 p.m. · 8 views

CVE-2025-0223 IObit Protected Folder IOCTL IURegistryFilter.sys 0x8001E010 null pointer dereference

A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference...

CVSS 6.8 · AI score 6.4 · EPSS 0.00349
Exploits 1 · References 4

CVE
added 2025/01/05 4:0 p.m. · 55 views

CVE-2025-0223

CVE-2025-0223 affects IObit Protected Folder (up to 13.6.0.5). The flaw is in IOCTL Handler’s IURegistryFilter.sys, specifically functions 0x8001E000/0x8001E00C/0x8001E004/0x8001E010, whose manipulation yields a null pointer dereference. Local access is required. Public exploit disclosure is note...

CVSS 6.8 · AI score 5.5 · EPSS 0.00349
Exploits 1 · References 4 · Affected Software 1

Cvelist
added 2025/01/05 4:0 p.m. · 46 views

CVE-2025-0223 IObit Protected Folder IOCTL IURegistryFilter.sys 0x8001E010 null pointer dereference

A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference...

CVSS 6.8 · EPSS 0.00349
Exploits 1 · References 4