Lucene search
K

17 matches found

CVE
CVE
added 2025/11/30 10:32 a.m.22 views

CVE-2025-13787

ZenTao up to 21.7.6-8564 is affected by a privilege-management flaw in the File Handler’s file::delete function (module/file/control.php). Manipulating the fileID parameter can lead to improper privilege handling, with remote exploit potential. All published references indicate upgrading to versi...

9.1CVSS5.6AI score0.00328EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-1559

Malware in sbrugna...

4.3CVSS5.9AI score0.00158EPSS
Exploits0References2
CVE
CVE
added 2025/08/22 4:4 p.m.30 views

CVE-2025-55741

UnoPim is a Laravel-based open-source PIM. In versions

8.1CVSS6.4AI score0.00387EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2024/09/02 12:0 a.m.4 views

OpenHarmony 安全漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v4.1.0 and earlier versions, which stems from a network administrative privilege bypass vulnerability...

7.5CVSS6.8AI score0.00446EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/29 12:0 a.m.2 views

Apple iOS和Apple iPadOS 安全漏洞

Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS before version 16.7.9 and iPadOS before version 16.7.9, which stems from a...

7.8CVSS6.2AI score0.00332EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/10/07 12:0 a.m.6 views

PT-2022-24872 · Unknown +2 · Zoneminder +2

Name of the Vulnerable Software and Affected Versions: ZoneMinder affected versions not specified Description: The issue concerns the ZoneMinder API, which exposes database log contents to users without privileges. It also allows for the insertion, modification, and deletion of logs without syste...

9.8CVSS7.2AI score0.80462EPSS
Exploits28References48
Kaspersky
Kaspersky
added 2022/04/28 12:0 a.m.41 views

KLA12519 Multiple vulnerabilities in Microsoft Browser

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...

8.8CVSS9.4AI score0.0105EPSS
Exploits21References27
CNNVD
CNNVD
added 2021/10/27 12:0 a.m.5 views

Calibre 授权问题漏洞

Calibre is an open source, free, all-in-one eBook reading management and format conversion tool from Kovid Goyal, an individual developer in India. An authorization issue vulnerability exists in Calibre, which stems from the product's devices/linuxmounthelper.c file not validating user privileges...

9.3CVSS7.7AI score0.0149EPSS
Exploits1References5
CNNVD
CNNVD
added 2021/03/15 12:0 a.m.2 views

Cybozu Office 授权问题漏洞

Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A view restriction bypass vulnerability exists in a custom application in Cybozu Office. An attacker can use this vulnerability to obtain data from a custom application without viewing privileges...

4.3CVSS5.7AI score0.00722EPSS
Exploits0References4
CNVD
CNVD
added 2020/04/14 12:0 a.m.2 views

UQCMS Cloud Business - B2B2C system backend has a logic flaw vulnerability

UQCMS Cloud Business-B2B2C System Multi-merchant e-commerce system is a B2B2C e-commerce software. UQCMS Cloud Merchant-B2B2C System has a logic flaw vulnerability in the background, which can be exploited by an attacker to bypass login privileges for administrator operations...

6.9AI score
Exploits0
Check Point Advisories
Check Point Advisories
added 2015/02/23 12:0 a.m.11 views

ManageEngine ServiceDesk Plus User Privileges Bypass (CVE-2015-1480)

A policy bypass vulnerability exists in ManageEngine ServiceDesk Plus. The vulnerability is due to a design weakness when handling certain URLs which require administrative access. A remote, authenticated attacker can exploit this vulnerability by sending a specially crafted request to the target...

4CVSS3.5AI score0.06261EPSS
Exploits1
Prion
Prion
added 2013/10/03 9:55 p.m.31 views

Race condition

Race condition in PolicyKit aka polkit allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to 1 the polkitunixprocessnew API function, 2 the dbus API, or 3 the --process...

7.2CVSS6.5AI score0.00342EPSS
Exploits0References10Affected Software4
Debian CVE
Debian CVE
added 2013/03/04 9:0 p.m.40 views

CVE-2013-1775

sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch...

6.9CVSS4.9AI score0.03176EPSS
Exploits8
UbuntuCve
UbuntuCve
added 2010/06/08 6:30 p.m.25 views

CVE-2010-2198

lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...

7.2CVSS7AI score0.00357EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2010/05/24 12:0 a.m.76 views

MySQL Community Server < 5.1.47 / 5.0.91 Multiple Vulnerabilities

The version of MySQL Community Server installed on the remote host is earlier than 5.1.47 / 5.0.91 and is, therefore, potentially affected by the following vulnerabilities : - The server may continue reading packets indefinitely if it receives a packet larger than the maximum size of one packet,...

6.5CVSS6.2AI score0.21789EPSS
Exploits3References8
OpenVAS
OpenVAS
added 2009/03/23 12:0 a.m.39 views

Ubuntu Update for firefox regression USN-398-4

Ubuntu Update for Linux kernel vulnerabilities USN-398-4 OpenVAS Vulnerability Test $Id: gbubuntuUSN3984.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox regression USN-398-4 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...

9.3CVSS0.7AI score0.08604EPSS
Exploits0References2
Cvelist
Cvelist
added 2001/05/07 4:0 a.m.20 views

CVE-2001-0063

procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges...

6.6AI score0.00366EPSS
Exploits0References4
Rows per page
Query Builder