20 matches found
CVE-2026-24755
Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource...
CVE-2026-24753
Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify resources belonging to other users due to insufficient authorization checks on resource ownership. Upgrade...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the resource handler. An attacker can gain unauthorized access and modify application resources across the entire controller by leveraging authenticated access as a user, machine, or controller. Remediation A...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the resource handler. An attacker can gain unauthorized access and modify application resources across the entire controller by leveraging authenticated access as a user, machine, or controller. Remediation A...
Nginx UI 安全漏洞
Nginx UI is a web interface for Nginx developed by Jacky. Versions of Nginx UI 2.3.3 and earlier have security vulnerabilities. These vulnerabilities stem from insecure direct object references, allowing any authenticated user to access, modify, and delete resources of other users...
PT-2025-44671
Name of the Vulnerable Software and Affected Versions Summer Pearl Group Vacation Rental Management Platform versions prior to 1.0.2 Description The Summer Pearl Group Vacation Rental Management Platform is affected by inadequate server-side authorization. Authenticated attackers can access and...
EUVD-2025-25316
Malicious code in bioql PyPI...
CVE-2025-1139
IBM Edge Application Manager 4.5 could allow a local user to read or modify resources that they should not have authorization to access due to incorrect permission assignment...
CVE-2025-1139
IBM Edge Application Manager 4.5 could allow a local user to read or modify resources that they should not have authorization to access due to incorrect permission assignment...
CVE-2025-1139
CVE-2025-1139 affects IBM Edge Application Manager 4.5. A local user can read or modify resources due to incorrect permission assignment. Root cause: improper/incorrect permission provisioning. Impact: unauthorized access to resources on the device. Mitigation: upgrade to patched IBM Edge Applica...
PT-2025-34061 · Ibm · Edge Application Manager
Name of the Vulnerable Software and Affected Versions: IBM Edge Application Manager version 4.5 Description: IBM Edge Application Manager 4.5 may allow a local user to read or modify resources without proper authorization due to incorrect permission assignment. Recommendations: At the moment, the...
IBM Edge Application Manager 安全漏洞
IBM Edge Application Manager is an application from International Business Machines IBM, Inc. provides powerful solutions to address the need to deliver enterprise computing power at the edge of the cloud, closer to where the data is created and at the edge of the enterprise where action needs to...
CVE-2024-38646
An incorrect permission assignment for critical resource vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow local authenticated attackers who have gained administrator access to read or modify the resource. We have already fixed the vulnerabilit...
QNAP Multiple Product Security Vulnerabilities
QNAP Systems QuTScloud and others are products of China Weilian Technology QNAP Systems.QNAP Systems QuTScloud is a cloud-optimized version of the QNAP NAS operating system.QNAP Systems QTS is an operating system for entry- to mid-range QNAP NAS use. QNAP Systems QuTS hero is an operating system....
IBM QRadar SIEM Unauthorized Access Vulnerability (CNVD-2019-26399)
IBM QRadar SIEM is an IBM USA solution that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user activity, and more. An unauthorized...
Unspecified Vulnerability in IBM Security Key Lifecycle Manager
IBM Security Key Lifecycle Manager formerly known as Tivoli Key Lifecycle Manager is a set of key lifecycle management software from IBM in the United States. The software provides key storage, key maintenance and key lifecycle management for storage devices. A security vulnerability exists in IB...
IBM Security Guardium Big Data Intelligence Critical Resource Privilege Assignment Vulnerability
IBM Security Guardium Big Data Intelligence is a solution that delivers the capabilities of a big data platform while meeting data security requirements. IBM Security Guardium Big Data Intelligence SonarG suffers from an incorrect assignment of critical resource permissions vulnerability. An...
IBM Security Guardium Resource Error Vulnerability
IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A resource error vulnerability exists in IBM Security Guardium. An...
Downloads Resources over HTTP
Overview Affected versions of geoip-lite-country insecurely downloads resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and...
Free kill often with a few important tools-vulnerability warning-the black bar safety net
C32Asm V0. 4. 1 2 C32Asm is set reverse assemble, 1 6 hex tools, Hiew modify the features and integration PE Explorer 1.98 Powerful resource tool, can directly Browse and modify the software resources, including menus, dialog boxes, string tables, etc.; in addition, also equipped with W32DASM...