17 matches found
EUVD-2023-36723
Malicious code in bioql PyPI...
EUVD-2022-27289
Malicious code in bioql PyPI...
EUVD-2024-35565
Malicious code in bioql PyPI...
EUVD-2022-27295
Malicious code in bioql PyPI...
CVE-2025-10847 DX UIM Probe Improper ACL Handling RCE
DX Unified Infrastructure Management Nimsoft/UIM and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system...
CVE-2022-22148
'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc...
CVE-2020-8010
CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system...
CVE-2024-35177
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...
CVE-2024-35177
Wazuh is a free and open source platform used for threat prevention, detection, and response. It is capable of protecting workloads across on-premises, virtualized, containerized, and cloud-based environments. The wazuh-agent for Windows is vulnerable to a Local Privilege Escalation vulnerability...
CVE-2025-22737
Missing Authorization vulnerability in magepeopleteam WpTravelly tour-booking-manager allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WpTravelly: from n/a through = 1.8.5...
RHEL 6 : bacula (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - bacula: Improper ACL rules enforcement by dumping resources CVE-2012-4430 Note that Nessus has not tested for this...
GHSA-CMG7-XR2J-4R9V MoinMoin Improper ACL handling for calendars and includes
MoinMoin before 20070507 does not properly enforce ACLs for calendars and includes, which allows remote attackers to read certain pages via unspecified vectors...
Design/Logic Flaw
'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc...
CVE-2022-22148
'Root Service' service implemented in the following Yokogawa Electric products creates some named pipe with improper ACL configuration. CENTUM CS 3000 versions from R3.08.10 to R3.09.00, CENTUM VP versions from R4.01.00 to R4.03.00, from R5.01.00 to R5.04.20, and from R6.01.00 to R6.08.00, Exaopc...
Rocket.Chat: Improper ACL in Message Starring
The vulnerability allowed attackers to manipulate the starred attribute of arbitrary messages by providing an unrelated room ID where they had access. The vulnerability existed due to improper access checks when starring messages...
CVE-2020-8010
CA Unified Infrastructure Management Nimsoft/UIM 20.1, 20.3.x, and 9.20 and below contains an improper ACL handling vulnerability in the robot controller component. A remote attacker can execute commands, read from, or write to the target system...
KLA10136 OSI vulnerability in DeviceLock
Improper ACL enforcing was found in DeviceLock. By exploiting this vulnerability malicious users can obtain sensitive information. This vulnerability can be exploited locally. Original advisories: - Related products: DeviceLock. CVE list: CVE-2006-4184 (warning). Solution: Update to latest version. Impact...