CVE-2026-21020

Improper export of android application components in OmaCP prior to SMR May-2026 Release 1 allows local attackers to trigger privileged functions...

EUVD-2025-198968

MILLENSYS Vision Tools Workspace 6.5.0.2585 exposes a sensitive configuration endpoint /MILLENSYS/settings that is accessible without authentication. This page leaks plaintext database credentials, file share paths, internal license server configuration, and software update parameters. An...

CVE-2025-63958

CVE-2025-63958 affects MILLENSYS Vision Tools Workspace 6.5.0.2585. The issue is a privileged endpoint, /MILLENSYS/settings, that accepts requests without authentication, exposing plaintext database credentials, file share paths, internal license server configuration, and software update paramete...

EUVD-2007-5308

Malware in sbrugna...

The vulnerability of the Windows operating system’s kernel allows attackers to disclose sensitive information that is protected by security measures.

The vulnerability of the Windows operating system’s kernel is related to insufficient protection of privileged functions. Exploiting this vulnerability can allow an attacker to disclose protected information...

Infinera hiT 7300 安全漏洞

The Infinera hiT 7300 is a software-defined networking SDN-ready coherent packet-optical transport system from Infinera USA. A security vulnerability exists in the Infinera hiT 7300 version 5.60.50 that stems from an undocumented privileged function in the @CT management application that allows a...

Improper Privilege Management in heroiclabs/nakama

Description A predefined View Only user has access to the User Management function at the :7351//users endpoint. By default this is a predefined system administrator function, and no other users should be able to access this function. Proof of Concept - Create a View-only user with the...

CVE-2014-4198

A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function...

Authentication flaw

A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function...

CVE-2014-4198

A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function...

RedHat Update for systemtap RHSA-2010:0124-01

Check for the Version of systemtap OpenVAS Vulnerability Test RedHat Update for systemtap RHSA-2010:0124-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

Design/Logic Flaw

The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain "insecure method calls" to modify the file system and registry, aka "Privileged function exposure."...

CVE-2007-5328

The Message Engine RPC service in CA BrightStor ARCServe BackUp v9.01 through R11.5, and Enterprise Backup r10.5, allows attackers to execute arbitrary code by using certain "insecure method calls" to modify the file system and registry, aka "Privileged function exposure."...