34 matches found
CVE-2009-4438
The Query Compiler, Rewrite, and Optimizer component in IBM DB2 9.1 before FP8, 9.5 before FP5, and 9.7 before FP1 does not enforce privilege requirements for access to a 1 sequence or 2 global-variable object, which allows remote authenticated users to make use of data via unspecified vectors...
CVE-2009-4526
The Send by e-mail sub-module in the Print aka Printer, e-mail and PDF versions module 5.x before 5.x-4.9 and 6.x before 6.x-1.9, a module for Drupal, does not properly enforce privilege requirements, which allows remote attackers to read page titles by requesting a "Send to friend" form...
EUVD-2017-18718
Malware in sbrugna...
EUVD-2009-4481
Malware in sbrugna...
EUVD-2009-4492
Malware in sbrugna...
EUVD-2008-6079
Malware in sbrugna...
EUVD-2010-3473
Malware in sbrugna...
EUVD-2011-1845
Malware in sbrugna...
EUVD-2011-1409
Malware in sbrugna...
EUVD-2012-3964
Malware in sbrugna...
EUVD-2017-17397
Malware in sbrugna...
EUVD-2017-15867
Malware in sbrugna...
EUVD-2021-29120
Malicious code in bioql PyPI...
Velociraptor 安全漏洞
Velociraptor is a Velocidex open source tool for collecting host-based state information using Velociraptor Query Language VQL queries. A security vulnerability exists in Velociraptor that stems from the failure of the Admin.Client.UpdateClientConfig artifact to enforce additional privileges, whi...
CVE-2022-20819
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information from an affected device. This vulnerability exists because administrative privilege levels for sensitive data are not properly...
PT-2022-2312 · Cisco · Cisco Prime Service Catalog
Name of the Vulnerable Software and Affected Versions: Cisco Prime Service Catalog affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to access sensitive information on an affected device. This issue is...
CVE-2021-42137
An issue was discovered in Zammad before 5.0.1. In some cases, there is improper enforcement of the privilege requirement for viewing a list of tickets that shows title, state, etc...
CVE-2021-42137
Summary of CVE-2021-42137 (Zammad): Zammad before 5.0.1 contains an authorization flaw that improperly enforces privilege requirements when viewing a list of tickets (shows title, state, etc.). This affects versions prior to 5.0.1 and arises from insufficient access control. Reported across multi...
CVE-2021-34702
A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to improper enforcement of administrator privilege levels for low-value sensitive data. An attacker...
PT-2021-7504 · Cisco · Cisco Identity Services Engine
Name of the Vulnerable Software and Affected Versions: Cisco Identity Services Engine ISE affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated, remote attacker to obtain sensitive information due to improper enforcement of...