59 matches found
Giga Messenger WordPress - Cross-Site Scripting
Giga Messenger WordPress plugin = 2.3.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a...
Windows Registry Active Setup Persistence
This Metasploit module will register a payload to run via the Active Setup mechanism in Windows. Active Setup is a Windows feature that runs once per user at login. It triggers in a user context, losing privileges from admin to user...
CVE-2023-25754
Privilege Context Switching Error vulnerability in Apache Software Foundation Apache Airflow. This issue affects Apache Airflow: before 2.6.0...
Privilege Context Switching Error
Overview: Affected versions of this package are vulnerable to Privilege Context Switching Error in the current user session. An attacker can gain unauthorized access to files and subscribe to blocks belonging to other users by sending crafted requests as an authenticated user. Remediation: Upgrade...
Privilege Context Switching Error
Overview: Affected versions of this package are vulnerable to Privilege Context Switching Error in the current user session. An attacker can gain unauthorized access to files and subscribe to blocks belonging to other users by sending crafted requests as an authenticated user. Remediation: Upgrade...
Privilege Context Switching Error
Overview: Affected versions of this package are vulnerable to Privilege Context Switching Error in the current user session. An attacker can remove comments created by other users by sending crafted requests with insufficient permission checks. Remediation: Upgrade...
Privilege Context Switching Error
Overview: Affected versions of this package are vulnerable to Privilege Context Switching Error in the current user session. An attacker can remove comments created by other users by sending crafted requests with insufficient permission checks. Remediation: Upgrade...
Windows Administrator Protection Elevation of Privilege Vulnerability
Privilege context switching error in Windows Administrator Protection allows an authorized attacker to elevate privileges locally...
EUVD-2018-1897
Malware in sbrugna...
EUVD-2025-20884
Malicious code in bioql PyPI...
EUVD-2023-0029
Malicious code in bioql PyPI...
CVE-2025-46406
A Privilege Context Switching Error CWE-270 in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary. This issue affects Command Centre Server: 9.30 prior to 9.30.1874 MR1, 9.20 prio...
CVE-2025-46406
A Privilege Context Switching Error CWE-270 in the Command Center Server could allow a privileged Operator with high level access in one Division to perform limited privileged activities across the Division boundary. This issue affects Command Centre Server: 9.30 prior to 9.30.1874 MR1, 9.20 prio...
PT-2025-28974 · Unknown · Command Centre Server
Name of the Vulnerable Software and Affected Versions: Command Centre Server versions prior to 9.30.1874 MR1; Command Centre Server versions prior to 9.20.2337 MR3; Command Centre Server versions prior to 9.10.3194 MR6; Command Centre Server versions prior to 9.00.3371 MR7; Command Centre Server...
CVE-2025-3517
Incorrect privilege assignment in PAM JIT elevation feature in Devolutions Server 2025.1.5.0 and earlier allows a PAM user to elevate a previously configured user configured in a PAM JIT account via failure to update the internal account’s SID when updating the username...
PT-2025-18693 · Devolutions · Devolutions Server
Name of the Vulnerable Software and Affected Versions: Devolutions Server versions 2025.1.5.0 and earlier. Description: The issue concerns a privilege context switching error in the PAM JIT feature of Devolutions Server. This error allows a PAM JIT account password to be improperly reset after usa...
Privilege Context Switching Error
Overview: Affected versions of this package are vulnerable to Privilege Context Switching Error due to the injectPrimitives function not taking sandbox protection into account for folder-scoped libraries. A user with Item/Configure permission can bypass the sandbox to execute code in the Jenkins...
CVE-2024-12570 Privilege Context Switching Error in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7 prior to 17.4.6, from 17.5 prior to 17.5.4, and from 17.6 prior to 17.6.2. It may have been possible for an attacker with a victim's CI_JOB_TOKEN to obtain a GitLab session token belonging to the victim...
GitLab 13.7 < 17.4.6 / 17.5 < 17.5.4 / 17.6 < 17.6.2 (CVE-2024-12570)
The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Privilege Context Switching Error in GitLab CVE-2024-12570 Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
PT-2024-10153 · Gitlab · Gitlab Ce/Ee
Name of the Vulnerable Software and Affected Versions: GitLab CE/EE versions 13.7 through 17.4.6; GitLab CE/EE versions 17.5 through 17.5.4; GitLab CE/EE versions 17.6 through 17.6.2. Description: An issue has been discovered in GitLab CE/EE that may have allowed an attacker with a victim's CI JOB...