17 matches found
CVE-2025-13787
ZenTao up to 21.7.6-8564 is affected by a privilege-management flaw in the File Handler’s file::delete function (module/file/control.php). Manipulating the fileID parameter can lead to improper privilege handling, with remote exploit potential. All published references indicate upgrading to versi...
EUVD-2020-1559
Malware in sbrugna...
CVE-2025-55741
UnoPim is a Laravel-based open-source PIM. In versions
OpenHarmony 安全漏洞
OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v4.1.0 and earlier versions, which stems from a network administrative privilege bypass vulnerability...
Apple iOS和Apple iPadOS 安全漏洞
Apple iOS and Apple iPadOS are products of Apple Inc. Apple iOS is an operating system developed for mobile devices, and Apple iPadOS is an operating system for iPad tablets. A security vulnerability exists in Apple iOS before version 16.7.9 and iPadOS before version 16.7.9, which stems from a...
PT-2022-24872 · Unknown +2 · Zoneminder +2
Name of the Vulnerable Software and Affected Versions: ZoneMinder affected versions not specified Description: The issue concerns the ZoneMinder API, which exposes database log contents to users without privileges. It also allows for the insertion, modification, and deletion of logs without syste...
KLA12519 Multiple vulnerabilities in Microsoft Browser
Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges, spoof user interface. Below is a complete list of vulnerabilities: 1. Use after free...
Calibre 授权问题漏洞
Calibre is an open source, free, all-in-one eBook reading management and format conversion tool from Kovid Goyal, an individual developer in India. An authorization issue vulnerability exists in Calibre, which stems from the product's devices/linuxmounthelper.c file not validating user privileges...
Cybozu Office 授权问题漏洞
Cybozu Office is a Web-based, cross-platform collaboration solution from Cybozu. A view restriction bypass vulnerability exists in a custom application in Cybozu Office. An attacker can use this vulnerability to obtain data from a custom application without viewing privileges...
UQCMS Cloud Business - B2B2C system backend has a logic flaw vulnerability
UQCMS Cloud Business-B2B2C System Multi-merchant e-commerce system is a B2B2C e-commerce software. UQCMS Cloud Merchant-B2B2C System has a logic flaw vulnerability in the background, which can be exploited by an attacker to bypass login privileges for administrator operations...
ManageEngine ServiceDesk Plus User Privileges Bypass (CVE-2015-1480)
A policy bypass vulnerability exists in ManageEngine ServiceDesk Plus. The vulnerability is due to a design weakness when handling certain URLs which require administrative access. A remote, authenticated attacker can exploit this vulnerability by sending a specially crafted request to the target...
Race condition
Race condition in PolicyKit aka polkit allows local users to bypass intended PolicyKit restrictions and gain privileges by starting a setuid or pkexec process before the authorization check is performed, related to 1 the polkitunixprocessnew API function, 2 the dbus API, or 3 the --process...
CVE-2013-1775
sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch...
CVE-2010-2198
lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during replacement of the file in an RPM package upgrade or deletion of the file in an RPM package removal, which might allow local users to gain privileges or bypass intended access restrictions by...
MySQL Community Server < 5.1.47 / 5.0.91 Multiple Vulnerabilities
The version of MySQL Community Server installed on the remote host is earlier than 5.1.47 / 5.0.91 and is, therefore, potentially affected by the following vulnerabilities : - The server may continue reading packets indefinitely if it receives a packet larger than the maximum size of one packet,...
Ubuntu Update for firefox regression USN-398-4
Ubuntu Update for Linux kernel vulnerabilities USN-398-4 OpenVAS Vulnerability Test $Id: gbubuntuUSN3984.nasl 7969 2017-12-01 09:23:16Z santu $ Ubuntu Update for firefox regression USN-398-4 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH,...
CVE-2001-0063
procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges...