CVE-2026-2667

A vulnerability has been found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. The impacted element is an unknown function of the file /dispatch/api?cmd=userinfo. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit h...

CVE-2026-2668

Affected product/component: Rongzhitong Visual Integrated Command and Dispatch Platform, specifically the User Handler component (file: /dm/dispatch/user/add). Root cause (as described): Improper access controls due to manipulation. Impact: Remote attacker could exploit this via a network attack ...

CVE-2026-2668 Rongzhitong Visual Integrated Command and Dispatch Platform User add access control

A vulnerability was found in Rongzhitong Visual Integrated Command and Dispatch Platform up to 20260206. This affects an unknown function of the file /dm/dispatch/user/add of the component User Handler. The manipulation results in improper access controls. The attack may be launched remotely. The...

CVE-2023-38005

IBM Cloud Pak System 2.3.3.6, 2.3.3.7, 2.3.4.0, 2.3.4.1, and 2.3.5.0 could allow an authenticated user to perform unauthorized tasks due to improper access controls...

PT-2026-20209

Name of the Vulnerable Software and Affected Versions IBM Cloud Pak System versions 2.3.3.6 through 2.3.5.0 Description The software contains improper access controls, potentially allowing an authenticated user to perform unauthorized tasks. Recommendations IBM Cloud Pak System version 2.3.3.6...

CVE-2025-14014 Insecure File Upload in NTN Informatics' Smart Panel

Unrestricted Upload of File with Dangerous Type vulnerability in NTN Information Processing Services Computer Software Hardware Industry and Trade Ltd. Co. Smart Panel allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Smart Panel: before 20251215...

EUVD-2026-5823

A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack...

PT-2026-6945

Name of the Vulnerable Software and Affected Versions WeKan versions prior to 8.21 Description A security flaw exists in WeKan up to version 8.20. The issue affects unknown code within the server/methods/fixDuplicateLists.js file of the Administrative Repair Handler component, leading to improper...

CVE-2026-1963

A vulnerability was found in WeKan up to 8.20. This affects an unknown function of the file models/attachments.js of the component Attachment Storage. The manipulation results in improper access controls. The attack may be launched remotely. Upgrading to version 8.21 mitigates this issue. The pat...

CVE-2026-1962

A vulnerability has been found in WeKan up to 8.20. The impacted element is an unknown function of the file server/attachmentMigration.js of the component Attachment Migration. The manipulation leads to improper access controls. The attack may be initiated remotely. Upgrading to version 8.21 is...

CVE-2026-1964

A vulnerability was determined in WeKan up to 8.20. This impacts an unknown function of the file models/boards.js of the component REST Endpoint. This manipulation causes improper access controls. Remote exploitation of the attack is possible. Upgrading to version 8.21 will fix this issue. Patch...

CVE-2026-2009

A flaw has been found in SourceCodester Gas Agency Management System 1.0. This issue affects some unknown processing of the file /gasmark/phpaction/createUser.php. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been...

EUVD-2026-5691

A flaw has been found in SourceCodester Gas Agency Management System 1.0. This issue affects some unknown processing of the file /gasmark/phpaction/createUser.php. Executing a manipulation can lead to improper access controls. It is possible to launch the attack remotely. The exploit has been...

Tanium Server 7.6.2.x < 7.6.2.1327 / 7.6.4.x < 7.6.4.2160 / 7.7.3.x < 7.7.3.8231 Improper Access Controls (CVE-2025-15322)

The version of Tanium Server installed on the remote host is 7.6.2.x prior to 7.6.2.1327, 7.6.4.x prior to 7.6.4.2160, or 7.7.3.x prior to 7.7.3.8231. It is, therefore, affected by an improper access controls vulnerability as referenced in the TAN-2025-028 advisory. - Tanium addressed an improper...

CVE-2026-1962

A vulnerability has been found in WeKan up to 8.20. The impacted element is an unknown function of the file server/attachmentMigration.js of the component Attachment Migration. The manipulation leads to improper access controls. The attack may be initiated remotely. Upgrading to version 8.21 is...

CVE-2026-1963

A vulnerability was found in WeKan up to 8.20. This affects an unknown function of the file models/attachments.js of the component Attachment Storage. The manipulation results in improper access controls. The attack may be launched remotely. Upgrading to version 8.21 mitigates this issue. The pat...

CVE-2025-15342

Tanium addressed an improper access controls vulnerability in Reputation...

CVE-2025-15342

Tanium addressed an improper access controls vulnerability in Reputation...

CVE-2025-15327

Tanium addressed an improper access controls vulnerability in Deploy...

CVE-2025-15326

Tanium addressed an improper access controls vulnerability in Patch...