202 matches found
BIT-GITLAB-2024-12303 Incorrect Privilege Assignment in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 17.7 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that under certain conditions could have allowed authenticated users with specific roles and permissions to delete issues including confidential ones by inviting...
Huawei EulerOS: Security Advisory for ppp (EulerOS-SA-2025-1997)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DELL SmartFabric OS10 Software Privilege Issue Vulnerability
DELL SmartFabric OS10 Software is a software-defined network operating system from Dell Networks, based on Linux and open source technologies, and is primarily used to enable flexible management and automated deployment of data center network resources. DELL SmartFabric OS10 Software has a...
Mattermost Permission Issues Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from not properly enforcing channel member management privileges, which can be exploited by an attacker to enable unauthorized users t...
Google ChromeOS Permission Issues Vulnerability
Google ChromeOS is a Linux kernel-based operating system developed by Google. Google ChromeOS suffers from a privilege issue vulnerability. The vulnerability stems from a privilege bypass in extension management, which can be exploited by an attacker to disable extensions on ChromeOS and access...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from not properly enforcing channel member management privileges, which can be exploited by an attacker to enable unauthorized users t...
CVE-2024-7562
A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2 are affected by this issue...
CVE-2024-7562
A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2 are affected by this issue...
CVE-2024-7562
A potential elevated privilege issue has been reported with InstallShield built Standalone MSI setups having multiple InstallScript custom actions configured. All supported versions InstallShield 2023 R2, InstallShield 2022 R2 and InstallShield 2021 R2 are affected by this issue...
Freescout Permission Issues Vulnerability
FreeScout is an open source helpdesk system built on the PHP Laravel framework, designed to provide users with functionality similar to Zendesk or Help Scout, but without sacrificing privacy or freedom. Freescout suffers from a privilege issue vulnerability that stems from improper checking of...
Mattermost Permission Issues Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to access team invitation IDs...
CVE-2025-46823
openmrs-module-fhir2 provides the FHIR REST API and related services for OpenMRS, an open medical records system. In versions of the FHIR2 module prior to 2.5.0, privileges were not always correctly checked, which means that unauthorized users may have been able to add or edit data they were not...
Mattermost 安全漏洞
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to access team invitation IDs...
CVE-2024-52814
Argo Helm is a collection of community maintained charts for argoproj.github.io projects. Prior to version 0.45.0, the workflow-role lacks granularity in its privileges, giving permissions to workflowtasksets and workflowartifactgctasks to all workflow Pods, when only certain types of Pods create...
CVE-2023-37065
Chamilo 1.11.x up to 1.11.20 allows users with admin privilege account to insert XSS in the session category management section...
CVE-2020-27149
By exploiting a vulnerability in NPort IA5150A/IA5250A Series before version 1.5, a user with “Read Only” privilege level can send requests via the web console to have the device’s configuration changed...
CVE-2005-0580
cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file...
Mattermost Permission Issues Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to view group information via an API request...
Mattermost Permission Issues Vulnerability
Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a privilege issue vulnerability that stems from insufficient privilege validation, which can be exploited by an attacker to add guest users via the API...
CLSA-2025-1747432102 postgresql: Fix of CVE-2024-10978
CVE-2024-10978: fix privilege assignment issue to prevent less-privileged user from viewing or changing unauthorized rows...