9 matches found
CVE-2026-1880
An Incorrect Permission Assignment for Critical Resource vulnerability in the ASUS DriverHub update process allows privilege escalation due to improper protection of required execution resources during the validation phase, permitting a local user to make unprivileged modifications. This allows t...
CVE-2024-52872
In Flagsmith before 2.134.1, the getdocument endpoint is not correctly protected by permissions...
Improper Privilege Management
Mattermost is vulnerable to an Improper Privilege Management. The vulnerability is due to improper permission protection, allowing authenticated users with a restricted custom admin role to bypass restrictions and view server logs and the server config.json file...
CVE-2022-20432
There is an missing authorization issue in the system service. Since the component does not have permission check and permission protection,, resulting in Local Elevation of privilege.Product: AndroidVersions: Android SoCAndroid ID: A-242221899...
CVE-2022-20435
CVE-2022-20435 is an Android vulnerability described as an unauthorized service in the system service that, due to missing permission checks, can lead to local elevation of privilege and potentially a system reboot. Connected OSV entries (ASB-A-242248367 and ASB-A-242248369) corroborate an unauth...
GHSA-QGGC-PJ29-J27M Improper Privilege Management in Mattermost
One of the API in Mattermost version 6.4.1 and earlier fails to properly protect the permissions, which allows the authenticated members with restricted custom admin role to bypass the restrictions and view the server logs and server config.json file contents. Per the Mattermost security updates...
The vulnerability of the software for updating Intel Driver & Support Assistant, related to insufficient protection of permissions, allows a hacker to trigger a service failure.
The vulnerability of the Intel Driver & Support Assistant software for updating drivers is related to insufficient protection of permissions. Exploiting this vulnerability can allow a hacker to cause service failures...
Information disclosure
The broadcast messages received by SAP Fiori Client are not protected by permissions. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version...
CVE-2018-2490
The broadcast messages received by SAP Fiori Client are not protected by permissions. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version...