CVE-2026-24755

Kiteworks is a private data network PDN. Prior to version 9.3.0, an Insecure Direct Object Reference IDOR vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource...

Suprema BioStar 安全漏洞

Suprema BioStar is a web-based, open-integrated security platform developed by the South Korean company Suprema. It offers comprehensive features for access control, attendance management, visitor management, and video log maintenance. There were security vulnerabilities in the versions of Suprem...

PT-2026-24197

Name of the Vulnerable Software and Affected Versions ASSA ABLOY Visionline versions prior to 1.33 Description An issue exists in ASSA ABLOY Visionline that allows for configuration or environment manipulation due to incorrect default permissions, leading to execution with unnecessary privileges...

PT-2026-24285

Name of the Vulnerable Software and Affected Versions Windows versions prior to March 10, 2026 Patch Tuesday Description An improper permission assignment within the Windows Accessibility Infrastructure ATBroker.exe allows an authorized attacker to elevate privileges locally. The issue stems from...

EUVD-2025-208252

IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors...

Owl Cyber Defense OPDS 安全漏洞

Owl Cyber Defense OPDS is a network isolation device developed by Owl Cyber Defense Corporation in the United States. Version 2.2.0.4 of Owl Cyber Defense OPDS contains a security vulnerability, which stems from improper allocation of permissions for critical resources, potentially leading to fil...

Salesforce Agentforce Vibes Extension 安全漏洞

Salesforce Agentforce Vibes Extension is an AI-coded agent extension from Salesforce USA. A security vulnerability exists in Salesforce Agentforce Vibes Extension versions prior to 3.2.0, which stems from improper assignment of critical resource permissions and could lead to tampering with writab...

EUVD-2010-5242

Malware in sbrugna...

EUVD-2024-3361

Malicious code in bioql PyPI...

The vulnerability of the video transmission application Canon EOS Webcam Utility Pro on macOS operating systems arises from the incorrect assignment of permissions to the critical resource. This allows attackers to execute arbitrary code and increase their privileges.

The vulnerability of the video transmission application Canon EOS Webcam Utility Pro on macOS systems is related to the incorrect assignment of permissions for the critical resource. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges...

ABB Automation Builder 安全漏洞

ABB Automation Builder is an integrated engineering development environment from ABB Switzerland for unified programming and configuration of ABB programmable logic controllers PLCs, motion control and robotics systems. A security vulnerability exists in ABB Automation Builder version 2.8.0 and...

CVE-2024-52280

A Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher which allows users to watch resources they are not allowed to access, when they have at least some generic permissions on the type. This issue affects rancher: before 2175e09, before 6e30359, before c744f0b...

Dell PowerScale OneFS 安全漏洞

Dell PowerScale OneFS is a horizontally scalable NAS Network Attached Storage operating system from Dell Technologies that is primarily used to manage massive amounts of unstructured data. A denial of service vulnerability exists in Dell PowerScale OneFS, which stems from incorrect assignment of...

PT-2024-5980 · Palo Alto Networks · Palo Alto Networks Globalprotect

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks GlobalProtect App affected versions not specified Description: A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated...

The vulnerability of BIOS microprogramming software in HP laptops and workstations, related to the improper assignment of permissions for critical resources, allows attackers to increase their privileges and execute arbitrary code.

The vulnerability of BIOS microprogramming software in HP laptops and workstations is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

PT-2024-4341 · Hewlett Packard · Hp Pc

Name of the Vulnerable Software and Affected Versions: HP PC products affected versions not specified Description: The issue is related to a potential vulnerability in the system BIOS of certain HP PC products, which may allow escalation of privileges and code execution. This is due to incorrect...

The vulnerability of the correctMkdir component in the npm package manager allows a attacker to circumvent existing security restrictions.

The vulnerability of the correctMkdir component in the npm package manager is related to the improper assignment of permissions for the critical resource. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...

The vulnerability of the programming and debugging tool for PLC applications, MULTIPROG, integrated with the operating system ProConOS/ProConOS eCLR, arises from the improper assignment of permissions to a critical resource. This allows a perpetrator to execute arbitrary code and gain full control over the application.

The vulnerability of the MULTIPROG programming and debugging tool for PLC applications, integrated with the ProConOS/ProConOS eCLR operating system, is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability allows an attacker to execute arbitrary...

The vulnerability of Siemens SICAM Q200 multifunctional measuring devices lies in the improper assignment of permissions for critical resources, allowing intruders to increase their privileges.

The vulnerability of Siemens SICAM Q200 multifunctional measuring devices is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow a remote attacker to enhance their privileges...

Security Bulletin: IBM Security Directory Suite has multiple vulnerabilities [CVE-2022-33163 and CVE-2022-33168]

Summary The following vulnerabilties in IBM Security Directory Suite have been addressed. Please apply the fixes shown below. CVE-2022-33163 and CVE-2022-33168 Vulnerability Details CVEID:CVE-2022-33163 DESCRIPTION: IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critic...