Lucene search
K

15 matches found

NVD
NVD
added 2026/06/29 6:16 p.m.7 views

CVE-2026-57950

ruoyi-vue-pro through 2026.05, fixed in commit 5d1fd70 contains a broken access control vulnerability in ErpSaleOrderController that allows attackers with erp:sale-out permissions to gain unauthorized access to sale order operations by exploiting an incorrect permission namespace enforcement...

8.6CVSS0.00294EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/02 6:42 p.m.2 views

CVE-2025-48653

In loadDataAndPostValue of multiple files, there is a possible way to obscure permission usage due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

6.1AI score0.00098EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-39561

Malicious code in bioql PyPI...

5.9CVSS5.7AI score0.00086EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:18 p.m.4 views

CVE-2022-36861

Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege...

5.9CVSS6.8AI score0.00086EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.6 views

The vulnerability of iCloud Photo Library on macOS operating systems allows a hacker to bypass security restrictions.

The vulnerability of iCloud Photo Library on macOS operating systems is related to errors in the use of standard permissions. Exploiting this vulnerability could allow a remote attacker to bypass security restrictions...

10CVSS5.5AI score0.00261EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/09/28 12:0 a.m.9 views

The vulnerability of Google Chrome’s Intents component allows attackers to circumvent existing security restrictions.

The vulnerability of Google Chrome’s Intents component is related to the improper use of standard permissions. Exploiting this vulnerability allows a malicious actor to bypass security restrictions through a specially created HTML page...

5CVSS5.4AI score0.00663EPSS
Exploits0References9Affected Software4
Veracode
Veracode
added 2023/01/19 9:6 p.m.28 views

Information Disclosure

net-snmp is vulnerable to information disclosure. The package in OpenBSD uses 0644 permissions for snmpd.conf, which allows local users to obtain sensitive community information by reading this file...

2.1CVSS5.5AI score0.0054EPSS
Exploits2References8Affected Software1
OSV
OSV
added 2022/09/09 3:15 p.m.6 views

CVE-2022-36861

Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege...

5.3CVSS5.8AI score0.00086EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/09/09 3:15 p.m.3 views

CVE-2022-36861

Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege...

5.9CVSS5.8AI score0.00086EPSS
Exploits0References2
Prion
Prion
added 2022/09/09 3:15 p.m.20 views

Privilege escalation

Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege...

4.3CVSS5.2AI score0.00086EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/09/09 2:40 p.m.33 views

CVE-2022-36861

Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege...

5.9CVSS5.8AI score0.00086EPSS
Exploits0References1
CVE
CVE
added 2022/09/09 2:40 p.m.53 views

CVE-2022-36861

CVE-2022-36861 affects Samsung SystemUI prior to SMR Sep-2022 Release 1. It is described as a custom permission misuse that lets an attacker use some protected functions with SystemUI privilege. Root cause: misuse of a custom permission in SystemUI. Impact: potential elevation of privileges withi...

5.9CVSS5.2AI score0.00086EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/09 12:0 a.m.9 views

PT-2022-23665 · Systemui · Systemui

Name of the Vulnerable Software and Affected Versions: SystemUI versions prior to SMR Sep-2022 Release 1 Description: The issue concerns a custom permission misuse vulnerability. This vulnerability allows an attacker to use some protected functions with SystemUI privilege. Recommendations: For...

5.9CVSS5.2AI score0.00086EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2021/06/29 12:0 a.m.6 views

The vulnerability of the Trend Micro HouseCall anti-virus protection for home networks allows attackers to enhance their privileges.

The vulnerability of the Trend Micro HouseCall anti-virus protection for home networks is related to errors in the use of standard permissions. Exploiting this vulnerability can allow attackers to increase their privileges...

7.3CVSS7.2AI score0.00346EPSS
Exploits0References3Affected Software1
0day.today
0day.today
added 2015/07/29 12:0 a.m.26 views

phpFileManager 0.9.8 - CSRF Vulnerability

Exploit for php platform in category web applications Exploit Title: CSRF Remote Backdoor Shell Google Dork: intitle: CSRF Remote Backdoor Shell Date: 2015-07-29 Exploit Author: John Page hyp3rlinx Website: hyp3rlinx.altervista.org Vendor Homepage: phpfm.sourceforge.net Software Link:...

7.1AI score
Exploits0
Rows per page
Query Builder