ROS-20260430-73-0007

Vulnerability in crun related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

ROS-20260330-73-0001

A vulnerability in the LSILogic module of the Oracle VM VirtualBox virtualization software tool is associated with insecure privilege management due to incorrect memory freeing. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information...

ROS-20260209-73-0015

Vulnerability in sssd related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

ROS-20251216-7319

Vulnerability in VirtualBox-kmod related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

ROS-20251216-7318

Vulnerability in VirtualBox related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

ROS-20251216-7320

Vulnerability in virtualbox-guest-additions related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

ROS-20251001-02

VMSVGA virtual graphics adapter vulnerability in Oracle VM virtualization software VirtualBox is related to access control flaws resulting from buffer overruns. VirtualBox is related to access delimitation flaws as a result of an operation exceeding the buffer boundaries in memory. Exploitation o...

IBM Storage Scale 安全漏洞

IBM Storage Scale is a storage solution from International Business Machines IBM designed to help organizations efficiently manage and scale storage resources to meet growing data storage needs. A security vulnerability exists in IBM Storage Scale versions 5.2.3.0 and 5.2.3.1, which stems from an...

student-manage 安全漏洞

student-manage is a student grade management system by the individual developer Yongkang Huang in China. A security vulnerability exists in student-manage version 1, which stems from an insecure privilege validation that could lead to elevated privileges...

ROS-20250303-03

A vulnerability in the Linux operating system's dmidecode utility is related to insecure privilege management. Exploitation of the vulnerability could allow an attacker to escalate privileges...

CMSimple Insecure Privilege Vulnerability

CMSimple is a PHP and HTML based content management system that helps users to quickly create simple and easy to use websites. CMSimple suffers from an insecure privilege vulnerability that can be exploited by an attacker to obtain sensitive information via a carefully crafted script to download...

CVE-2024-9500

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...

Polycom RealPresence Group 500 安全漏洞

Polycom RealPresence Group 500 is a video conferencing endpoint device from Polycom USA that is primarily used for video communication in conference rooms and other scenarios. A security vulnerability exists in Polycom RealPresence Group 500 version 20 and prior versions, which stems from the...

XINJE XDPPro 安全漏洞

XINJE XDPPro is a USB port connection programming software using PLCs from China XINJE XINJE. A security vulnerability exists in XINJE XDPPro versions 3.2.2 through 3.7.17c, which originates from an insecure privilege in the XNetSocketClient component that allows an attacker to execute arbitrary...

PT-2025-1242 · Microsoft · Autoupdate (Mau) For Mac

Name of the Vulnerable Software and Affected Versions: Microsoft AutoUpdate MAU for Mac affected versions not specified Description: The issue is related to insecure privilege management in Microsoft AutoUpdate MAU for Mac, which can allow an attacker to elevate their privileges. Recommendations:...

PT-2025-1059 · Microsoft · Windows Installer +1

Name of the Vulnerable Software and Affected Versions: Windows Installer affected versions not specified Description: The issue is related to insecure privilege management in the Windows Installer component of Windows operating systems. It allows an attacker to elevate their privileges to the lev...

PT-2025-1012 · Sonicwall · Gen7 Sonicos Cloud Platform Nsv

Name of the Vulnerable Software and Affected Versions: Gen7 SonicOS Cloud platform NSv affected versions not specified Description: The issue is related to insecure privilege management in the configuration function of the SSH cloud platform. It allows a remote authenticated attacker with low...

Ivanti Workspace Control 安全漏洞

Ivanti Workspace Control is a desktop management solution from Ivanti. Ivanti Workspace Control suffers from an elevation of privilege vulnerability that originates from an insecure privilege setting. An attacker can exploit the vulnerability to elevate privileges...

Silicon Labs Z-Wave 700和Silicon Labs Z-Wave 800 安全漏洞

Silicon Labs Z-Wave 700 SiLabs Z-Wave 800 and Silicon Labs Z-Wave 800 SiLabs Z-Wave 800 are a series of chips from Silicon Labs, Inc. in the United States. A security vulnerability exists in Silicon Labs Z-Wave 700 and Silicon Labs Z-Wave 800 version v7.21.1, which stems from insecure privilege...

Nav2 安全漏洞

Nav2 is the ROS community's navigation framework and system for ROS2. A security vulnerability exists in Nav2 that stems from the inclusion of an insecure privilege vulnerability. An attacker exploiting this vulnerability could execute arbitrary code via the dynparamhandler component...