48 matches found
CVE-2021-22048
The vCenter Server contains a privilege escalation vulnerability in the IWA Integrated Windows Authentication authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group...
EUVD-2013-4584
Malware in sbrugna...
EUVD-2020-4336
Malware in sbrugna...
EUVD-2018-6692
Malware in sbrugna...
EUVD-2024-39582
Malicious code in bioql PyPI...
EUVD-2024-42223
Malicious code in bioql PyPI...
EUVD-2021-27592
Malicious code in bioql PyPI...
EUVD-2023-38169
Malicious code in bioql PyPI...
EUVD-2021-9215
Malicious code in bioql PyPI...
EUVD-2023-31047
Malicious code in bioql PyPI...
CVE-2025-41250 Header injection vulnerability
VMware vCenter contains an SMTP header injection vulnerability. A malicious actor with non-administrative privileges on vCenter who has permission to create scheduled tasks may be able to manipulate the notification emails sent for scheduled tasks...
CVE-2025-0140 GlobalProtect App: Non Admin User Can Disable the GlobalProtect App
An incorrect privilege assignment vulnerability in the Palo Alto Networks GlobalProtect™ App on macOS devices enables a locally authenticated non administrative user to disable the app even if the GlobalProtect app configuration would not normally permit them to do so. The GlobalProtect app on...
Tenable Nessus <= 10.8.4 File Overwrite (TNS-2025-13)
According to its self-reported version, the Tenable Nessus application running on the remote host is prior or equal to 10.8.4. It is, therefore, affected by a file overwrite vulnerability as referenced in the TNS-2025-13 advisory. - In Tenable Nessus versions prior to 10.8.5 on a Windows host, it...
CVE-2025-42982
SAP GRC allows a non-administrative user to access and initiate transaction which could allow them to modify or control the transmitted system credentials. This causes high impact on confidentiality, integrity and availability of the application...
PT-2025-24586 · Sap · Sap Grc
Name of the Vulnerable Software and Affected Versions: SAP GRC affected versions not specified Description: The issue allows a non-administrative user to access and initiate transactions, potentially enabling them to modify or control transmitted system credentials. This poses a high impact on th...
CVE-2023-20855
VMware vRealize Orchestrator contains an XML External Entity XXE vulnerability. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted input to bypass XML parsing restrictions leading to access to sensitive information or possible escalati...
CVE-2023-27500
An attacker with non-administrative authorizations can exploit a directory traversal flaw in program SAPRSBRO to over-write system files. In this attack, no data can be read but potentially critical OS files can be over-written making the system unavailable...
CVE-2021-21991
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client HTML5 or vCenter Serve...
CVE-2013-4734
dasdecmkuser on the Digital Alert Systems DASDEC EAS device before 2.0-2 and the Monroe Electronics R189 One-Net EAS device before 2.0-2 generates predictable passwords, which might make it easier for attackers to obtain non-administrative access via unspecified vectors...
CVE-2025-27437
A Missing Authorization Check vulnerability exists in the Virus Scanner Interface of SAP NetWeaver Application Server ABAP. Because of this, an attacker authenticated as a non-administrative user can initiate a transaction, allowing them to access but not modify non-sensitive data without further...