8 matches found
PT-2026-48820
Improper verification of access permissions when modifying permissions through the Administration Control Panel ACP allowed an authenticated administrator to grant permissions beyond the level authorized for their account, resulting in privilege escalation within the administrative interface...
AVEVA Pipeline Simulation 安全漏洞
AVEVA Pipeline Simulation is a pipeline simulation software developed by AVEVA, a British company. AVEVA Pipeline Simulation has a security vulnerability. This vulnerability stems from improper permission verification, which may allow unverified attackers to perform privileged operations, resulti...
Lenovo Software Fix 安全漏洞
Lenovo Software Fix is a system repair tool developed by the Chinese company Lenovo. Lenovo Software Fix has a security vulnerability, which stems from improper permission verification during the installation process. This vulnerability may allow locally authenticated users to execute write...
CVE-2023-31226
The SDK for the MediaPlaybackController module has improper permission verification. Successful exploitation of this vulnerability may affect confidentiality...
EUVD-2020-26438
Malware in sbrugna...
PT-2023-23247 · Unknown · Mediaplaybackcontroller
Name of the Vulnerable Software and Affected Versions: MediaPlaybackController affected versions not specified Description: The SDK for the MediaPlaybackController module has improper permission verification, which may affect confidentiality if successfully exploited. Recommendations: At the...
PT-2022-13917 · Octopus Deploy +1 · Octopus Server +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns improper verification of permissions in the API for projects using Git version control. This flaw allows users with only ProjectView...
CVE-2020-5194
CVE-2020-5194 affects Cerberus FTP Server 8 where the zip API endpoint (file/ajax_download_zip/zip_name) permits an authenticated user without zip permission to use the zip function via an unrestricted API endpoint due to improper permission verification. The result is that such a user can zip an...