EUVD-2025-199894

Kiteworks is a private data network PDN. Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevate another user's permissions on the share. This issue has been patched in version 9.1.0...

EUVD-2023-40445

Malicious code in bioql PyPI...

CVE-2022-23922

CVE-2022-23922 affects WIN-911 2021 R1 (up to 5.21.10) and R2 (up to 5.21.17). Description: a permissions misconfiguration allows a local attacker to write files to the Program Announcer directory and escalate privileges when the program runs. Connected docs corroborate affected product/versions ...

CVE-2021-35946

A receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions...

Mozilla Firefox浏览器强制URL拖放操作权限提升漏洞

CVECAN ID: CVE-2010-0178 Firefox是一款流行的开源WEB浏览器。 浏览器Applet可能错误的将单个鼠标点击动作解释为拖放操作，这可能导致在用户浏览器中非预期的加载资源。攻击者可以连续两次利用这种行为，第一次在用户浏览器中加载特权的chrome: URL，之后在同一文档之上加载恶意的javascript: URL，导致以chrome权限执行任意脚本。 Mozilla Firefox 3.6 Mozilla Firefox 3.5.x Mozilla Firefox 3.0.x Mozilla SeaMonkey 2.0.4 补丁安装方法： 1. 手工安装补丁...