11 matches found
CVE-2023-25409
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have access to other users' outlets...
CVE-2025-54548
On affected platforms, restricted users could view sensitive portions of the config database via a debug API (e.g., user password hashes)
EUVD-2024-2079
Malicious code in bioql PyPI...
CVE-2021-41032
An improper access control vulnerability (CWE-284) in FortiOS versions 6.4.8 and prior and 7.0.3 and prior may allow an authenticated attacker with a restricted user profile to gather sensitive information and modify the SSL-VPN tunnel status of other VDOMs using specific CLI commands...
CVE-2025-23203
Icinga Director is an Icinga config deployment tool. A security vulnerability has been found starting in version 1.0.0 and prior to 1.10.4 and 1.11.4 on several director endpoints of the REST API. To reproduce this vulnerability, an authenticated user with permission to access the Director is required...
CVE-2025-23203
CVE-2025-23203 affects Icinga Director (REST API) prior to versions 1.10.4 and 1.11.4. An authenticated Director user with API access can retrieve or modify information for objects they should not fully access, via endpoints such as icingaweb2/director/service (host omitted), icingaweb2/director/...
PT-2023-25395 · Tuleap · Tuleap
Name of the Vulnerable Software and Affected Versions: Tuleap versions prior to 14.9.99.63 Description: The issue occurs when switching from a project visibility that allows restricted users to Private without restricted, where restricted users that are project administrators retain their access...
CVE-2023-25409
Aten PE8108 2.4.232 is vulnerable to Incorrect Access Control. Restricted users have access to other users' outlets...
PT-2023-20051 · Aten · Aten Pe8108
Name of the Vulnerable Software and Affected Versions: Aten PE8108 version 2.4.232 Description: The issue concerns Incorrect Access Control, where restricted users have access to other users' outlets. Recommendations: For Aten PE8108 version 2.4.232, consider restricting access to outlet controls...
Foreman API and UI Privilege Vulnerability
Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides features such as service provisioning, configuration management, and status reporting. A privilege-lifting vulnerability exists in the Foreman API and UI. When a restricted user from a specif...
wam1040.txt
Directory Traversal Vulnerability in 121 WAM! Server 1.0.4.0 Url: http://www.121software.com/121wam/server.asp "Imagine if you could centralise the management of your FTP server farm and give customers additional database management capability." "121 WAM! Server is a standard FTP server for...