23 matches found
CVE-2026-21011
Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Extend Unlock...
CVE-2026-20110
A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to cause a denial of service DoS condition on an affected device. This vulnerability exists because incorrect privileges are associated with the start maintenance command. An attacker could exploit th...
Windows Hello Tampering Vulnerability
Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally...
ROS-20251020-02
Jupyter Core vulnerability in Jupyter Notebook interactive development and code execution environment is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to disclose protected information, download and execute code. remotely, disclo...
CVE-2025-46406
CVE-2025-46406 describes a Privilege Context Switching Error (CWE-270) in Gallagher Command Centre Server. A privileged Operator with high-level access in one Division could perform limited privileged activities across the Division boundary, potentially enabling cross-division elevation of privil...
Siemens SINEC NMS 安全漏洞
SINEC NMS is a new generation network management system for digital enterprises. The system enables centralized monitoring, management and configuration of the network. A privilege assignment error vulnerability exists in Siemens SINEC NMS, which can be exploited by an attacker to write arbitrary...
Apache Tomcat 安全漏洞
Apache Tomcat is a lightweight Web application server from the American Apache Apache Foundation. The program implements support for Servlets and JavaServer Page JSP. A security vulnerability exists in Apache Tomcat that stems from a default privilege error. An attacker exploiting this...
IBM Security Access Manager Information Disclosure Vulnerability (CNVD-2024-35120)
IBM Security Access Manager is a product for information security management applications from International Business Machines IBM. The product enables access management control through integrated appliances for web, mobile and cloud computing. An information disclosure vulnerability exists in IB...
PT-2024-4364 · Nvidia +1 · Nvidia Vgpu +1
Name of the Vulnerable Software and Affected Versions: NVIDIA vGPU software for Windows and Linux affected versions not specified Description: The issue is related to incorrect privilege assignment in the NVIDIA Virtual GPU Manager driver, allowing an attacker to elevate privileges or cause a...
Tuleap 安全漏洞
Tuleap is an open source application lifecycle management system that facilitates agile software development, design projects, V-modeling, requirements management and IT service management. A security vulnerability exists in Tuleap that stems from the presence of a privilege control error issue...
PT-2022-15129 · Scp · Scp
Name of the Vulnerable Software and Affected Versions: scp affected versions not specified Description: The issue is related to incorrect error handling in scp, which could lead to local escalation of privilege with System execution privileges needed. User interaction is not required for...
Cisco Virtualized Infrastructure Manager访问控制错误漏洞
Cisco Virtualized Infrastructure Manager is a fully automated cloud lifecycle management system from Cisco, U.S. An access control error vulnerability exists in Cisco Virtualized Infrastructure Manager, which stems from certain configuration files' The vulnerability is caused by an access privile...
Projectworlds Hospital Management System Privilege Error Vulnerability
Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria. Projectworlds Hospital Management System version 1.0 is vulnerable to a privilege error that could be exploited by an unauthorized attacker to add unlimited patients via addppatient.php...
Projectworlds Hospital Management System 安全漏洞
Projectworlds Hospital Management System is a hospital management system from Projectworlds Austria. Projectworlds Hospital Management System version 1.0 is vulnerable to a privilege error that could be exploited by an unauthorized attacker to add unlimited patients via addppatient.php...
Ericsson Network Manage安全漏洞
Ericsson Network Manage is a network manager from Ericsson, Sweden. It covers monitoring, troubleshooting, configuration, automation and optimization of networks. A security vulnerability exists in Ericsson Network Manager 20.2 that stems from a privilege error...
Jenkins Plugin 权限许可和访问控制问题漏洞
Jenkins is a Jenkins open source application. An open source automation server Jenkins provides hundreds of plugins to support building, deploying, and automating any project.Jenkins Mailer Plugin 391.ve4a 38c1b cf4b and prior versions are vulnerable to a privilege error. The vulnerability stems...
Intel NUC 访问控制错误漏洞
The Intel NUC is a small mini computer from Intel USA. An Access Control Error vulnerability exists in the Intel NUC M15 Laptop Kit audio driver pack, which stems from a default privilege management error in the product's installer. An attacker could use this vulnerability to cause a denial of...
Privilege Context Switching Error in wildlfy
A flaw was found in wildfly. The EJBContext principle is not popped back after invoking another EJB using a different Security Domain. The highest threat from this vulnerability is to data confidentiality and integrity. Versions before wildfly 20.0.0.Final are affected...
OpenClinic GA 安全漏洞
OpenClinic GA is an open source hospital information management system. The system supports financial management, clinical management and laboratory management and other functions. An elevation of privilege vulnerability exists in OpenClinic GA version 5.173.3, which stems from a default privileg...
Oracle MySQL Server Component Access Control Error Vulnerability (CNVD-2019-26678)
Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A security vulnerability exists in the MySQL Server component of Oracle MySQL, version 5.7.24 and earlier, and the Server: Security: Privileges...