CVE-2026-41903

FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to version 1.8.217, a user holding the PERMEDITUSERS permission intended for general user-profile editing can read and modify the notification subscriptions of any other user, including admins, by sending a...

SAP Transportation Management Code Issue Vulnerability

SAP Transportation Management is an integrated transportation fleet and logistics management application from SAP, Germany, that helps organizations reduce complexity, increase efficiency and agility to build a more sustainable and risk-resilient supply chain. A code issue vulnerability exists in...

Directory traversal

An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. In this attack, no data can be read but potentially critical OS files can be over-written making the system unavailable...

CVE-2023-23692

Dell EMC prior to version DDOS 7.9 contains an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable...

CVE-2019-19894

In IXP EasyInstall 6.2.13723, it is possible to temporarily disable UAC by using the Agent Service on a client system. An authenticated attacker non-admin can disable UAC for other users by renaming and replacing %SYSTEMDRIVE%\IXP\DATA\IXPAS.IXP...