EUVD-2025-9310
Malicious code in bioql PyPI...
CVE-2025-36530
Mattermost versions 10.9.x <= 10.9.1, 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11.17 fail to properly validate file paths during plugin import operations which allows restricted admin users to install unauthorized custom plugins via path traversal in the import functionality, bypassing plugin...
CVE-2025-23391
An Incorrect Privilege Assignment vulnerability in SUSE rancher allows a Restricted Administrator to change the password of Administrators and take over their accounts. This issue affects rancher: from 2.8.0 before 2.8.14, from 2.9.0 before 2.9.8, from 2.10.0 before 2.10.4...
Rancher Security Vulnerability
Rancher is an open source container management platform from the US-based Rancher Open Source, built for organizations that deploy containers in production environments. A security vulnerability exists in Rancher versions prior to 2.8.0 to 2.8.14, 2.9.0 to 2.9.8, and 2.10.0 to 2.10.4, which stems...
GHSA-8P83-CPFG-FJ3G Rancher: Restricted Administrator can change Administrator's passwords
Impact: A vulnerability has been identified within Rancher where a Restricted Administrator can change the password of Administrators and take over their accounts. A Restricted Administrator should not be allowed to change the password of more privileged users unless it contains the Manage Users...
Incorrect Privilege Assignment
Overview: Affected versions of this package are vulnerable to Incorrect Privilege Assignment that allows a Restricted Administrator user to change the password of an Administrator account and escalate privileges by taking over the Administrator account. Workaround: This vulnerability can be avoided...
PT-2025-14372 · Rancher · Rancher
Name of the Vulnerable Software and Affected Versions: Rancher versions 2.8.0 through 2.8.13; Rancher versions 2.9.0 through 2.9.7; Rancher versions 2.10.0 through 2.10.3. Description: A vulnerability in SUSE Rancher allows a Restricted Administrator to change the password of Administrators and take...
CVE-2024-9471
A privilege escalation (PE) vulnerability in the XML API of Palo Alto Networks PAN-OS software enables an authenticated PAN-OS administrator with restricted privileges to use a compromised XML API key to perform actions as a higher privileged PAN-OS administrator. For example, an administrator with...
UBUNTU-CVE-2024-22116
An administrator with restricted permissions can exploit the script execution functionality within the Monitoring Hosts section. The lack of default escaping for script parameters enabled this user to execute arbitrary code via the Ping script, thereby compromising infrastructure...
Rancher Labs Rancher Licensing Issue Vulnerability (CNVD-2022-65014)
Rancher Labs Rancher is an open source enterprise-class container management platform from Rancher Labs, Inc. Rancher Labs Rancher is vulnerable to an authorization issue that could be exploited by an attacker to escalate a user with a restricted administrator role to full administrator...
Rancher Labs Rancher Security Vulnerability
Rancher Labs Rancher is an open source enterprise-class container management platform from Rancher Labs, Inc. Rancher Labs Rancher is vulnerable to an authorization issue that could be exploited by an attacker to escalate a user with a restricted administrator role to full administrator...