39 matches found
CVE-2026-35081 Arbitrary process termination vulnerability in method ugw-logstop
The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...
EUVD-2026-34075
The ugw-restore method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-35078 Arbitrary file delete vulnerability in method ugw-logstop
The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...
CVE-2026-44058 Authentication bypass via admin auth user
An authentication bypass vulnerability in Netatalk 2.2.2 through 4.4.2 allows a remote privileged user to authenticate as an arbitrary user via the admin auth user mechanism...
CVE-2026-44058
An authentication bypass vulnerability in Netatalk 2.2.2 through 4.4.2 allows a remote privileged user to authenticate as an arbitrary user via the admin auth user mechanism...
CVE-2026-21741
An URL Redirection to Untrusted Site 'Open Redirect' vulnerability CWE-601 vulnerability in Fortinet FortiNAC-F 7.6.0 through 7.6.5, FortiNAC-F 7.4 all versions, FortiNAC-F 7.2 all versions may allow a remote privileged attacker with system administrator role to redirect users to an arbitrary...
PT-2026-25604
Authentication bypass by replay in Smart Switch prior to version 3.7.69.15 allows remote attackers to trigger privileged functions...
CVE-2026-21937
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.0-8.0.44, 8.4.0-8.4.7 and 9.0.0-9.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
PT-2026-1494
Name of the Vulnerable Software and Affected Versions InWave Jobs versions through 3.5.8 Description The Sfwebservice InWave Jobs software contains a missing authorization issue, allowing exploitation of incorrectly configured access control security levels. An unauthenticated attacker can execut...
Why Organizations Are Turning to RPAM
As IT environments become increasingly distributed and organizations adopt hybrid and remote work at scale, traditional perimeter-based security models and on-premises Privileged Access Management PAM solutions no longer suffice. IT administrators, contractors and third-party vendors now require...
CVE-2020-29537
Archer before 6.8 P2 6.8.0.2 is affected by an open redirect vulnerability. A remote privileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attacks. The attacker could then steal the victims' credentials and silently authenticate them to the Arch...
CVE-2024-54181
IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to the swagger UI, to execute arbitrary code. Using specially crafted input, the user could exploit this vulnerability to execute arbitrary code on the system...
Infinera hiT 7300 安全漏洞
The Infinera hiT 7300 is a software-defined networking SDN-ready coherent packet-optical transport system from Infinera USA. A security vulnerability exists in the Infinera hiT 7300 version 5.60.50, which originates in a web application that allows a remote privileged attacker to execute an...
CVE-2024-28811
An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote privileged attacker to execute applications contained in a specific OS directory via HTTP invocations...
PT-2023-7921 · Ibm · Ibm Qradar Siem
Name of the Vulnerable Software and Affected Versions: IBM Qradar SIEM version 7.5 Description: The issue is related to the misidentification of data, which could allow a privileged user to obtain sensitive domain information. This is due to insufficient protection of service data. A remote...
PT-2023-2178 · Cisco · Cisco Evolved Programmable Network Manager +1
Name of the Vulnerable Software and Affected Versions: Cisco Prime Infrastructure affected versions not specified Cisco Evolved Programmable Network Manager EPNM affected versions not specified Description: The issue is related to the web-based management interface of the affected systems, allowi...
mysql: Server: Stored Procedure unspecified vulnerability (CPU Jul 2022)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Stored Procedure. Supported versions that are affected are 8.0.29 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain privileged access
Vulnerability of the MySQL Cluster component: General database management system vulnerabilities in MySQL Cluster exist due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain privileged access remotely...
Vulnerability of the Cluster component: The general system for managing MySQL Cluster databases, which allows attackers to gain privileged access
Vulnerability of the MySQL Cluster component: General database management system vulnerabilities in MySQL Cluster exist due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to gain privileged access remotely...
AMQ 访问控制错误漏洞
Red Hat AMQ Broker is a pure Java multi-protocol message broker from Red Hat. It is built on an efficient asynchronous core with fast native logging for message persistence and unshared state replication options for high availability. An Access Control Error vulnerability exists in AMQ Broker tha...