12 matches found
CVE-2026-4824
A vulnerability has been found in Enter Software Iperius Backup up to 8.7.3. Affected by this issue is some unknown functionality of the component Backup Job Configuration File Handler. The manipulation leads to improper privilege management. The attack must be carried out locally. The attack is...
CVE-2020-36890
An access control bypass vulnerability in Kentico Xperience allows administrators to modify global administrator user privileges via unauthorized requests. Attackers could potentially compromise global administrator accounts and invalidate security-sensitive macros by manipulating user privilege...
CVE-2020-36890 Kentico Xperience <= 10 Administrator Access Control Bypass
An access control bypass vulnerability in Kentico Xperience allows administrators to modify global administrator user privileges via unauthorized requests. Attackers could potentially compromise global administrator accounts and invalidate security-sensitive macros by manipulating user privilege...
OpenBMCS Security Vulnerability
OpenBMCS is a building management and control system from OpenBMCS Australia. A security vulnerability exists in OpenBMCS version 2.4, which stems from a privilege manipulation issue in the updateuserpermissions.php script that could lead to elevated privileges...
CVE-2025-13787
A flaw has been found in ZenTao up to 21.7.6-8564. The affected element is the function file::delete of the file module/file/control.php of the component File Handler. Executing manipulation of the argument fileID can lead to improper privilege management. It is possible to launch the attack...
RHEL 10 : command-line-assistant (RHSA-2025:16345)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16345 advisory. The command-line-assistant package provides a simple wrapper to interact with RAG. Security Fix: command-line-assistant: Improper Access Control in...
RHEL 9 : command-line-assistant (RHSA-2025:16346)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:16346 advisory. The command-line-assistant package provides a simple wrapper to interact with RAG. Security Fix: command-line-assistant: Improper Access Control in...
Moderate: Red Hat Security Advisory: command-line-assistant security update
An update for command-line-assistant is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
GLSA-202312-11 : SABnzbd: Remote Code Execution
The remote host is affected by the vulnerability described in GLSA-202312-11 SABnzbd: Remote Code Execution - SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the...
CVE-2023-26987
An issue discovered in Konga 0.14.9 allows remote attackers to manipulate user accounts regardless of privilege via crafted POST request...
GE Healthcare Imaging and Ultrasound Products
1. EXECUTIVE SUMMARY CVSS v3 9.8 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: GE Healthcare Equipment: GE Imaging and Ultrasound Products Vulnerabilities: Unprotected Transport of Credentials, Exposure of Sensitive System Information to an Unauthorized Control Sphere 2. RISK...
Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit v2
Exploit for multiple platform in category remote exploits ============================================================ Oracle 9i/10g DBMS_METADATA.GET_DDL SQL Injection Exploit v2 ============================================================ #!/usr/bin/perl Remote Oracle DBMS_METADATA.GET_DDL exploit...