CVE-2025-15080

Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric MELSEC iQ-R Series R08PCPU, R16PCPU, R32PCPU, and R120PCPU allows an unauthenticated attacker to read device data or part of a control program from the affected product, write device data in the affected...

CVE-2020-36987

Program Access Controller 1.2.0.0 contains an unquoted service path vulnerability in PACService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSyste...

CVE-2020-36987 Program Access Controller v1.2.0.0 - 'PACService.exe' Unquoted Service Path

Program Access Controller 1.2.0.0 contains an unquoted service path vulnerability in PACService.exe that allows local attackers to execute code with elevated privileges. Attackers can exploit the unquoted path during system startup or reboot to inject and run malicious executables with LocalSyste...

CVE-2020-36987

CVE-2020-36987 affects Program Access Controller 1.2.0.0. The unquoted service path vulnerability is in PACService.exe and can be triggered during system startup or reboot to inject and run malicious executables with LocalSystem privileges. Root cause: unquoted service path allowing privilege esc...

Gear Box Computers Program Access Controller code-related vulnerabilities

Gear Box Computers Program Access Controller is a program access controller developed by Gear Box Computers. Version 1.2.0.0 of the Gear Box Computers Program Access Controller contains a code vulnerability. This vulnerability stems from the PACService.exe file having a service path that is not...

EUVD-2014-2661

Malware in sbrugna...

EUVD-2018-7941

Malware in sbrugna...

CVE-1999-0236

ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs...

CVE-2024-42013

In GRAU DATA Blocky before 3.1, Blocky-Gui has a Client-Side Enforcement of Server-Side Security vulnerability. An attacker with Windows administrative or debugging privileges can patch a binary in memory or on disk to bypass the password login requirement and gain full access to all functions of...

CVE-2024-41927

Cleartext transmission of sensitive information vulnerability exists in multiple IDEC PLCs. If an attacker sends a specific command to PLC's serial communication port, user credentials may be obtained. As a result, the program of the PLC may be obtained, and the PLC may be manipulated...

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba, Japan. A security vulnerability exists in Toshiba e-STUDIO, which arises from the inclusion of generic authentication information in access between programs within the multifunction device, so that the informatio...

jpgarcia.es Improper Access Control vulnerability OBB-3822430

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

DHIS 2 安全漏洞

DHIS 2 is a software application. A flexible information system for data capture, management, validation, analysis and visualization. A security vulnerability exists in DHIS 2 Core versions prior to 2.36.13, prior to 2.37.8, and prior to 2.38.2, which stems from the fact that users may be able to...

wildfare.co.uk Improper Access Control vulnerability OBB-2227678

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

interpretingcolombia.com Improper Access Control vulnerability OBB-2177846

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

app.instato.io Improper Access Control vulnerability OBB-1068602

Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website operator about its existence...

HackerOne: Hacktivity of a private program visible to banned user if he gets invited to a program by hackbot

Summary: The hacktivity of a private program is visible to banned user if he gets invited to a program by hackbot. Description: Back in 2016 i was banned by █████'s private program ███ due to some conflict between me and their security team, i think they manually put me in banned users list, but...

CVE-2017-14464

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a read or write operation resulting in disclosure of sensitive information,...

Design/Logic Flaw

HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to...

CVE-2014-2629

HP NonStop Safeguard Security Software G, H06.03 through H06.28.01, and J06.03 through J06.17.01 does not properly evaluate the DISKFILE-PATTERN ACL of a program object file, which allows remote authenticated users to bypass intended restrictions on program access via vectors related to...