
60 matches found

OSV
added 2026/05/06 8:37 p.m., 3 views

GHSA-JRC5-W569-H7H5 phpMyFAQ: Ordinary Authenticated User Can Access Admin-Only API Endpoints Due to Insufficient Authorization Check in phpMyFAQ

Summary: A review of phpMyFAQ-main uncovered an authorization issue in the admin-api routes. Several backend endpoints only check whether the caller is logged in. They do not verify that the caller actually has backend or administrative privileges. As a result, a normal frontend user can access AP...

CVSS 4.3, AI score 5.6
Exploits: 0, References: 2

NVD
added 2026/04/20 9:16 p.m., 0 views

CVE-2026-29646

In OpenXiangShan NEMU prior to 55295c4, when running with RVH Hypervisor extension enabled, a VS-mode guest write to the supervisor interrupt-enable CSR sie may be handled incorrectly and can influence machine-level interrupt enable state mie. This breaks privilege/virtualization isolation and ca...

CVSS 9.8, EPSS 0.00088
Exploits: 0, References: 7

Cvelist
added 2026/04/20 12:0 a.m., 29 views

CVE-2026-29646

In OpenXiangShan NEMU prior to 55295c4, when running with RVH Hypervisor extension enabled, a VS-mode guest write to the supervisor interrupt-enable CSR sie may be handled incorrectly and can influence machine-level interrupt enable state mie. This breaks privilege/virtualization isolation and ca...

EPSS 0.00088
Exploits: 0, References: 7

Tenable Nessus
added 2026/01/16 12:0 a.m., 7 views

MiracleLinux 4 : bash-4.1.2-15.AXS4.2 (AXSA:2014-554:02)

The remote MiracleLinux 4 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2014-554:02 advisory. Description : The GNU Bourne Again shell Bash is a shell or command language interpreter that is compatible with the Bourne shell sh. Bash incorporat...

CVSS 10, AI score 9.2, EPSS 0.9422
Exploits: 141, References: 5

RedhatCVE
added 2025/12/18 12:40 p.m., 2 views

CVE-2025-14095

A "Privilege boundary violation" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The...

CVSS 8.4, AI score 6.6, EPSS 0.00273
Exploits: 0, References: 1

NVD
added 2025/12/17 12:15 p.m., 3 views

CVE-2025-14095

A "Privilege boundary violation" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The...

CVSS 6.8, EPSS 0.00029
Exploits: 0, References: 1

CVE
added 2025/12/17 11:45 a.m., 12 views

CVE-2025-14095

CVE-2025-14095, CVE-2025-14096, and CVE-2025-14097 describe vulnerabilities in multiple Radiometer products. The issues arise from design weaknesses in application/OS access control, credential protection, and remote code execution conditions, with exploitation involving physical access (for 1409...

CVSS 6.8, AI score 6.2, EPSS 0.00029
Exploits: 0, References: 1

EUVD
added 2025/12/17 11:45 a.m., 1 views

EUVD-2025-203887

A "Privilege boundary violation" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The...

CVSS 8.4, AI score 6.1, EPSS 0.00273
Exploits: 0, References: 2

Cvelist
added 2025/12/17 11:45 a.m., 28 views

CVE-2025-14095 Privilege boundary violation in Radiometer Products

A "Privilege boundary violation" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The...

CVSS 6.8, EPSS 0.00029
Exploits: 0, References: 1

Positive Technologies
added 2025/12/17 12:0 a.m., 3 views

PT-2025-51823

A "Privilege boundary violation" vulnerability is identified affecting multiple Radiometer Products. Exploitation of this vulnerability gives a user with physical access to the analyzer, the possibility to gain unauthorized access to functionalities outside the restricted environment. The...

CVSS 8.4, AI score 6.6, EPSS 0.00273
Exploits: 0, References: 2

OSV
added 2024/10/17 10:15 p.m., 1 views

CVE-2024-27766

An issue in MariaDB v.11.1 allows a remote attacker to execute arbitrary code via the libmysqludfsys.so function. NOTE: this is disputed by the MariaDB Foundation because no privilege boundary is crossed...

CVSS 5.7, AI score 6.1, EPSS 0.30153
Exploits: 2, References: 2

Prion
added 2023/05/15 10:15 p.m., 14 views

Design/Logic Flaw

In retrieveAppEntry of NotificationAccessDetails.java, there is a missing permission check. This could lead to local escalation of privilege across user boundaries with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11...

CVSS 4.3, AI score 7.6, EPSS 0.00032
Exploits: 0, References: 1, Affected Software: 1

SUSE CVE
added 2023/02/15 6:7 a.m., 3 views

SUSE CVE-2008-3916

Heap-based buffer overflow in the stripescapes function in signal.c in GNU ed before 1.0 allows context-dependent or user-assisted attackers to execute arbitrary code via a long filename. NOTE: since ed itself does not typically run with special privileges, this issue only crosses privilege...

CVSS 9.3, AI score 8.3, EPSS 0.0467
Exploits: 0, References: 5

SUSE CVE
added 2023/02/15 5:27 a.m., 7 views

SUSE CVE-2014-6271

GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and modcg...

CVSS 9.8, AI score 8, EPSS 0.9422
Exploits: 130, References: 39

SUSE CVE
added 2023/02/15 5:27 a.m., 7 views

SUSE CVE-2014-6278

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the modcgi and...

CVSS 10, AI score 7.9, EPSS 0.91694
Exploits: 31, References: 23

SUSE CVE
added 2023/02/15 5:26 a.m., 7 views

SUSE CVE-2014-7169

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the...

CVSS 9.8, AI score 7.8, EPSS 0.89056
Exploits: 17, References: 41

Tenable Nessus
added 2022/01/27 12:0 a.m., 20 views

Ubuntu 16.04 ESM / 18.04 LTS : shadow vulnerabilities (USN-5254-1)

The remote Ubuntu 16.04 ESM / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5254-1 advisory. It was discovered that shadow incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose...

CVSS 9.8, AI score 6.2, EPSS 0.00938
Exploits: 1, References: 3

OpenVAS
added 2020/01/23 12:0 a.m., 23 views

Huawei EulerOS: Security Advisory for shadow-utils (EulerOS-SA-2019-2427)

The remote host is missing an update for the Huawei EulerOS...

CVSS 9.8, AI score 6.3, EPSS 0.00938
Exploits: 0, References: 2

Tenable Nessus
added 2019/12/04 12:0 a.m., 27 views

EulerOS 2.0 SP2 : shadow-utils (EulerOS-SA-2019-2427)

According to the versions of the shadow-utils package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - In shadow before 4.5, the newusers tool could be made to manipulate internal data structures in ways unintended by the authors. Malformed...

CVSS 9.8, AI score 6.8, EPSS 0.00938
Exploits: 0, References: 3

Talos
added 2019/04/15 12:0 a.m., 516 views

Shimo VPN helper tool deleteConfig denial-of-service vulnerability

Summary: An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service in the deleteConfig functionality. The program is able to delete any protected file on the system. An attacker would need local access to the machine to successfully exploit the bug. Tested...

CVSS 9, AI score 7.4, EPSS 0.00048
Exploits: 1