
32 matches found

ATTACKERKB
added 2026/06/01 9:49 p.m. · 9 views

CVE-2026-24755

Kiteworks is a private data network (PDN). Prior to version 9.3.0, an Insecure Direct Object Reference (IDOR) vulnerability in Kiteworks Secure Data Forms allows an authenticated user to modify permissions on resources belonging to other users due to insufficient authorization checks on resource...

CVSS 5.4 · AI score 5.8 · EPSS 0.00024
Exploits 0 · References 2 · Affected Software 1
CNNVD
added 2026/05/29 12:0 a.m. · 6 views

Suprema BioStar security vulnerability

Suprema BioStar is a web-based, open-integrated security platform developed by the South Korean company Suprema. It offers comprehensive features for access control, attendance management, visitor management, and video log maintenance. There were security vulnerabilities in the versions of Suprem...

CVSS 10 · AI score 5.8 · EPSS 0.00079
Exploits 0 · References 1
Positive Technologies
added 2026/03/10 12:0 a.m. · 5 views

PT-2026-24197

Name of the Vulnerable Software and Affected Versions: ASSA ABLOY Visionline versions prior to 1.33 Description: An issue exists in ASSA ABLOY Visionline that allows for configuration or environment manipulation due to incorrect default permissions, leading to execution with unnecessary privileges...

CVSS 7.8 · AI score 5.9 · EPSS 0.00016
Exploits 0 · References 9
Positive Technologies
added 2026/03/10 12:0 a.m. · 2 views

PT-2026-24285

Name of the Vulnerable Software and Affected Versions: Windows versions prior to March 10, 2026 Patch Tuesday Description: An improper permission assignment within the Windows Accessibility Infrastructure (ATBroker.exe) allows an authorized attacker to elevate privileges locally. The issue stems from...

CVSS 7.8 · AI score 6.3 · EPSS 0.00044
Exploits 3 · References 31
EUVD
added 2026/03/03 7:48 p.m. · 5 views

EUVD-2025-208252

IBM Storage Scale 5.2.3.0 - 5.2.3.5, and IBM Storage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors...

CVSS 6.6 · AI score 5.9 · EPSS 0.00004
Exploits 0 · References 1
CNNVD
added 2026/02/20 12:0 a.m. · 6 views

Owl Cyber Defense OPDS security vulnerability

Owl Cyber Defense OPDS is a network isolation device developed by Owl Cyber Defense Corporation in the United States. Version 2.2.0.4 of Owl Cyber Defense OPDS contains a security vulnerability, which stems from improper allocation of permissions for critical resources, potentially leading to fil...

CVSS 8.5 · AI score 5.8 · EPSS 0.00017
Exploits 0 · References 1
CNNVD
added 2025/11/04 12:0 a.m. · 2 views

Salesforce Agentforce Vibes Extension security vulnerability

Salesforce Agentforce Vibes Extension is an AI-coded agent extension from Salesforce USA. A security vulnerability exists in Salesforce Agentforce Vibes Extension versions prior to 3.2.0, which stems from improper assignment of critical resource permissions and could lead to tampering with writab...

CVSS 5.3 · AI score 6.6 · EPSS 0.00041
Exploits 0 · References 1
EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2010-5242

Malware in sbrugna...

CVSS 6.8 · AI score 6.4 · EPSS 0.0013
Exploits 1 · References 6
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-3361

Malicious code in bioql PyPI...

CVSS 7.7 · AI score 6.3 · EPSS 0.00207
Exploits 0 · References 5
BDU FSTEC
added 2025/07/03 12:0 a.m. · 2 views

The vulnerability of the video transmission application Canon EOS Webcam Utility Pro on macOS operating systems arises from the incorrect assignment of permissions to the critical resource. This allows attackers to execute arbitrary code and increase their privileges.

The vulnerability of the video transmission application Canon EOS Webcam Utility Pro on macOS systems is related to the incorrect assignment of permissions for the critical resource. Exploiting this vulnerability allows an attacker to execute arbitrary code and increase their privileges...

CVSS 4.3 · AI score 6 · EPSS 0.00065
Exploits 0 · References 2
CNNVD
added 2025/04/30 12:0 a.m. · 2 views

ABB Automation Builder security vulnerability

ABB Automation Builder is an integrated engineering development environment from ABB Switzerland for unified programming and configuration of ABB programmable logic controllers (PLCs), motion control and robotics systems. A security vulnerability exists in ABB Automation Builder version 2.8.0 and...

CVSS 8.5 · AI score 6.7 · EPSS 0.00084
Exploits 0 · References 1
NVD
added 2025/04/11 12:15 p.m. · 28 views

CVE-2024-52280

An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in SUSE rancher which allows users to watch resources they are not allowed to access, when they have at least some generic permissions on the type. This issue affects rancher: before 2175e09, before 6e30359, before c744f0b...

CVSS 7.7 · EPSS 0.00207
Exploits 0 · References 2
CNNVD
added 2025/01/06 12:0 a.m. · 3 views

Dell PowerScale OneFS security vulnerability

Dell PowerScale OneFS is a horizontally scalable NAS (Network Attached Storage) operating system from Dell Technologies that is primarily used to manage massive amounts of unstructured data. A denial of service vulnerability exists in Dell PowerScale OneFS, which stems from incorrect assignment of...

CVSS 5.5 · AI score 6.6 · EPSS 0.00088
Exploits 0 · References 1
Positive Technologies
added 2024/08/14 12:0 a.m. · 2 views

PT-2024-5980 · Palo Alto Networks · Palo Alto Networks Globalprotect

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks GlobalProtect App (affected versions not specified) Description: A privilege escalation vulnerability in the Palo Alto Networks GlobalProtect app on Windows devices enables a local user to execute programs with elevated...

CVSS 7.8 · AI score 7.3 · EPSS 0.00093
Exploits 0 · References 9
BDU FSTEC
added 2024/06/28 12:0 a.m. · 1 views

The vulnerability of BIOS microprogramming software in HP laptops and workstations, related to the improper assignment of permissions for critical resources, allows attackers to increase their privileges and execute arbitrary code.

The vulnerability of BIOS microprogramming software in HP laptops and workstations is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability can allow attackers to enhance their privileges and execute arbitrary code...

CVSS 6.8 · AI score 5.8 · EPSS 0.00167
Exploits 0 · References 2 · Affected Software 24
Positive Technologies
added 2024/06/10 12:0 a.m. · 4 views

PT-2024-4341 · Hewlett Packard · Hp Pc

Name of the Vulnerable Software and Affected Versions: HP PC products (affected versions not specified) Description: The issue is related to a potential vulnerability in the system BIOS of certain HP PC products, which may allow escalation of privileges and code execution. This is due to incorrect...

CVSS 6.8 · AI score 8.2 · EPSS 0.00126
Exploits 0 · References 6
BDU FSTEC
added 2024/02/19 12:0 a.m. · 2 views

The vulnerability of the correctMkdir component in the npm package manager allows an attacker to circumvent existing security restrictions.

The vulnerability of the correctMkdir component in the npm package manager is related to the improper assignment of permissions for the critical resource. Exploiting this vulnerability could allow an attacker to circumvent existing security restrictions...

CVSS 7.8 · AI score 7.2 · EPSS 0.00042
Exploits 0 · References 3 · Affected Software 2
BDU FSTEC
added 2023/12/21 12:0 a.m. · 1 views

The vulnerability of the programming and debugging tool for PLC applications, MULTIPROG, integrated with the operating system ProConOS/ProConOS eCLR, arises from the improper assignment of permissions to a critical resource. This allows a perpetrator to execute arbitrary code and gain full control over the application.

The vulnerability of the MULTIPROG programming and debugging tool for PLC applications, integrated with the ProConOS/ProConOS eCLR operating system, is related to the improper assignment of permissions for a critical resource. Exploiting this vulnerability allows an attacker to execute arbitrary...

CVSS 10 · AI score 8.2 · EPSS 0.00811
Exploits 0 · References 5
BDU FSTEC
added 2023/07/26 12:0 a.m. · 2 views

The vulnerability of Siemens SICAM Q200 multifunctional measuring devices lies in the improper assignment of permissions for critical resources, allowing intruders to increase their privileges.

The vulnerability of Siemens SICAM Q200 multifunctional measuring devices is related to the improper assignment of permissions for critical resources. Exploiting this vulnerability can allow a remote attacker to enhance their privileges...

CVSS 4.8 · AI score 6.3 · EPSS 0.00113
Exploits 0 · References 4 · Affected Software 1
IBM Security Bulletins
added 2023/07/25 8:41 p.m. · 50 views

Security Bulletin: IBM Security Directory Suite has multiple vulnerabilities [CVE-2022-33163 and CVE-2022-33168]

Summary: The following vulnerabilities in IBM Security Directory Suite have been addressed. Please apply the fixes shown below. CVE-2022-33163 and CVE-2022-33168 Vulnerability Details: CVEID: CVE-2022-33163 DESCRIPTION: IBM Security Directory Suite VA 8.0.1 specifies permissions for a security-critic...

CVSS 8.1 · AI score 6.4 · EPSS 0.00072
Exploits 0 · Affected Software 1