8 matches found
CVE-2026-27012
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...
CVE-2026-27012
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...
CVE-2026-27012 Unauthenticated privilege escalation in OpenSTAManager via modules/utenti/actions.php
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...
CVE-2026-27012
OpenSTAManager CVE-2026-27012 affects 2.9.8 and earlier, enabling unauthenticated privilege escalation via modules/utenti/actions.php. An attacker can call the PHP endpoint to arbitrarily change a user’s group (idgruppo), promoting a normal account (e.g., agent) to Amministratori or demoting admi...
GHSA-247V-7CW6-Q57V OpenSTAManager affected by unauthenticated privilege escalation via modules/utenti/actions.php
Summary A privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling modules/utenti/actions.php. This can promote an existing account e.g. agent into the Amministratori group as well as demot...
UBUNTU-CVE-2021-47646
In the Linux kernel, the following vulnerability has been resolved: Revert "Revert "block, bfq: honor already-setup queue merges"" A crash 1 happened to be triggered in conjunction with commit 2d52c58b9c9b "block, bfq: honor already-setup queue merges". The latter was then reverted by commit...
CVE-2019-3693
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This...
Fedora 7 : emacs-22.1-5.fc7 (2007-3056)
Tue Nov 6 2007 Chip Coldwell - 22.1-5 - fix insufficient safe-mode checks Resolves: bz367581 - Update rpm-spec-mode to the current upstream, drop compat patch bz306841 - Wed Sep 12 2007 Chip Coldwell - 22.1-4 - require xorg-x11-fonts-ISO8859-1-100dpi instead of 75dpi Resolves: bz281861 - drop...