4 matches found
CVE-2025-20233
In the Splunk App for Lookup File Editing versions below 4.0.5, a script in the app used the chmod and makedirs Python functions in a way that resulted in overly broad read and execute permissions. This could lead to improper access control for a low-privileged user...
CVE-2024-9000
In lunary-ai/lunary prior to version 1.4.26, the checklists.post endpoint lacks proper authorization checks, allowing unauthorized users to create or modify checklists. The issue includes missing validation of the user’s permissions and a failure to enforce unique slugs for new checklists, enabli...
Microsoft Azure 权限许可和访问控制问题漏洞
Microsoft Azure Site Recovery is a site recovery DRaaS from Microsoft Corporation USA. Microsoft Azure Site Recovery has an elevation of privilege vulnerability, and no details of the vulnerability are available...
Microsoft Windows Event Tracing 权限许可和访问控制问题漏洞
Microsoft Windows and Microsoft Windows Server are both products of Microsoft Corporation, an operating system for personal devices, and Microsoft Windows Server is a server operating system. An elevation-of-privilege vulnerability exists in Event Tracing in Microsoft Windows/Windows Server. No...