11 matches found
EUVD-2025-175337
A vulnerability in Cisco Catalyst Center could allow an authenticated, remote attacker to execute operations that should require Administrator privileges. The attacker would need valid read-only user credentials. This vulnerability is due to improper role-based access control (RBAC). An attacker...
EUVD-2015-6359
Malware in sbrugna...
EUVD-2021-9152
Malicious code in bioql PyPI...
CVE-2025-23367 Org.wildfly.core:wildfly-server: wildfly improper rbac permission
A flaw was found in the Wildfly Server Role Based Access Control (RBAC) provider. When authorization to control management operations is secured using the Role Based Access Control provider, a user without the required privileges can suspend or resume the server. A user with a Monitor or Auditor ro...
HackerOne: Team member with Program permission only can escalate to Admin permission
Summary: https://hackerone.com/TEAM/groups URL is accessible to team members with Program permission, even when "Group Management" and "User Management" menus aren't visible. I didn't research this further, however, I was able to grant all permissions to the user assigned to a group with Program...
RHEL 7 : Red Hat JBoss Enterprise Application Platform (RHSA-2017:0245)
The remote Red Hat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:0245 advisory. Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. This release of Red...
CVE-2018-0092
A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to improperly delete valid user accounts. The network-operator role should not be able to delete other configured users on the device. The vulnerability is...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...
Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform security update
An update is now available for Red Hat JBoss Enterprise Application Platform 6.4 for RHEL 5. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for eac...
Citrix XenServer Multiple Vulnerabilities (CTX220112)
The version of Citrix XenServer running on the remote host is missing a security hotfix. It is, therefore, affected by the following vulnerabilities: - A man-in-the-middle (MitM) vulnerability exists in the NTP component due to an improperly implemented threshold limitation for the '-g' option. A...
Design/Logic Flaw
Unspecified vulnerability in Oracle Solaris 11.1 allows local users to affect integrity and availability via vectors related to Role Based Access Control (RBAC)...