Lucene search
K

111 matches found

OSV
OSV
added 2026/06/01 2:45 a.m.3 views

CVE-2026-10217 nextlevelbuilder GoClaw RoleAdmin Gateway tts_config.go handleSave privileges management

A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/ttsconfig.go of the component RoleAdmin Gateway. This manipulation causes improper privilege management. Remote exploitation of the attack is possible. The...

5.3CVSS6.1AI score0.00209EPSS
Exploits0References8
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in sudo

A flaw was discovered in sudo’s handling of ipahostname. In this process, the ipahostname value from /etc/sssd/sssd.conf was not propagated to sudo. As a result, this leads to a privilege management vulnerability in applications, where client hosts retain privileges even after those privileges ha...

8.8CVSS7.2AI score0.00687EPSS
Exploits0References2
Snyk
Snyk
added 2026/05/18 5:42 p.m.29 views

Improper Privilege Management

Overview @budibase/worker is a Budibase background service Affected versions of this package are vulnerable to Improper Privilege Management through the onboardUsers function. An attacker can gain unauthorized administrative privileges by sending crafted requests to the affected endpoint, allowin...

8.8CVSS5.8AI score0.00261EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2026/05/18 12:0 a.m.2 views

The vulnerability of the get_dumpable() function in the Linux operating system’s kernel allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the getdumpable function in the Linux operating system’s kernel is related to insecure management of privileges. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.3AI score0.0138EPSS
Exploits6References17Affected Software5
Cvelist
Cvelist
added 2026/05/14 2:31 p.m.40 views

CVE-2025-62625

Improper privilege management in the KVM key download component could allow an attacker to swap tokens and download sensitive keys, potentially resulting in unauthorized access to privileged resources and loss of confidentiality...

6CVSS0.0017EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 10:6 p.m.25 views

CVE-2026-29205

The CVE-2026-29205 issue affects cPanel & WHM. The vulnerability arises from incorrect privileges management and insufficient path filtering, enabling an attacker to read arbitrary files on the server via the cpdavd attachment download endpoints. PT Security reports indicate multiple vulnerabilit...

8.6CVSS5.9AI score0.07244EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 10:6 p.m.8 views

CVE-2026-29205

Incorrect privileges management and insufficient path filtering allow to read arbitrary file on the server via the cpdavd attachment download endpoints...

8.6CVSS5.9AI score0.07244EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/13 6:30 p.m.13 views

EUVD-2026-29909

Improper privilege management in Samsung System Support Service prior to version 8.0.8.0 allows local attackers to trigger privileged functions...

6.3CVSS5.8AI score0.00091EPSS
Exploits0References2
CNVD
CNVD
added 2026/03/06 12:0 a.m.7 views

Google Android Permission Mismanagement Vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a mismanagement of privileges vulnerability that can be exploited by attackers to cause memory corruption and local elevation of privileges...

8.4CVSS5.8AI score0.00107EPSS
Exploits0
CNNVD
CNNVD
added 2026/03/02 12:0 a.m.10 views

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android suffers from a mismanagement of privileges vulnerability that can be exploited by attackers to cause memory corruption and local elevation of privileges...

8.4CVSS5.8AI score0.00107EPSS
Exploits0References4
CNVD
CNVD
added 2025/11/28 12:0 a.m.4 views

ZTE ElasticNet UME R32 on Linux Mismanagement of Privileges Vulnerability

ZTE ElasticNet UME R32 is a service management and traffic processing platform from China's ZTE Corporation ZTE. A mismanagement of privileges vulnerability exists in ZTE ElasticNet UME R32 on Linux, which can be exploited by an attacker to gain access to functionality that is not properly...

7.5CVSS5.9AI score0.00241EPSS
Exploits0
CNVD
CNVD
added 2025/11/14 12:0 a.m.5 views

Intel CIP Information Disclosure Vulnerability (CNVD-2025-28673)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from mismanagement of privileges, which can be exploited by an attacker to cause information...

6.5CVSS6.4AI score0.00293EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-26510

Malicious code in bioql PyPI...

5.5CVSS6.5AI score0.001EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-59274

Malicious code in bioql PyPI...

8.8CVSS7.4AI score0.00687EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-19835

Malicious code in bioql PyPI...

4.9CVSS6.4AI score0.00369EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/25 12:0 a.m.5 views

ZOHO ManageEngine Endpoint Central 安全漏洞

ZOHO ManageEngine Endpoint Central is a desktop management system from ZOHO USA. A security vulnerability exists in ZOHO ManageEngine Endpoint Central versions 11.4.2500.25 and earlier and 11.4.2508.13 and earlier, which stems from improper privilege management...

7.8CVSS6.8AI score0.0025EPSS
Exploits0References1
CNVD
CNVD
added 2025/09/18 12:0 a.m.4 views

Online Library Management System Elevation of Privilege Vulnerability

Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in Online Library Management System, which stems from a mismanagement of privileges in index.php and can be exploited by an attacker to cause an elevation of privilege...

9.8CVSS7.2AI score0.00527EPSS
Exploits1References1
CNVD
CNVD
added 2025/09/18 12:0 a.m.4 views

Apple macOS Tahoe Privilege Mismanagement Vulnerability

Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...

5.5CVSS6.6AI score0.00183EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.6 views

Apple macOS 安全漏洞

Apple macOS Tahoe is the 26th major release of Apple's macOS operating system, which was released on June 10, 2025, and features a new "Liquid Glass" visual design that significantly optimizes interface aesthetics, feature integration, and cross-device collaboration. The 26th major version of the...

5.5CVSS6.5AI score0.00183EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/09/15 12:0 a.m.5 views

PHPGurukul Online Library Management System 安全漏洞

Online Library Management System is an online library management system. An elevation of privilege vulnerability exists in Online Library Management System, which stems from a mismanagement of privileges in index.php and can be exploited by an attacker to cause an elevation of privilege...

9.8CVSS7.1AI score0.00527EPSS
Exploits1References3
Rows per page
Query Builder