113 matches found
CVE-2011-1321
The AuthCache purge implementation in the Security component in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.37 and 7.x before 7.0.0.15 does not purge a user from the PlatformCredential cache, which might allow remote authenticated users to gain privileges by leveraging a group...
CVE-2025-30000
A vulnerability has been identified in Siemens License Server SLS All versions V4.3. The affected application does not properly restrict permissions of the users. This could allow a lowly-privileged attacker to escalate their privileges...
CVE-2022-25311
A vulnerability has been identified in SINEC NMS All versions = V1.0.3 V2.0, SINEC NMS All versions V1.0.3, SINEMA Server V14 All versions. The affected software do not properly check privileges between users during the same web browser session, creating an unintended sphere of control. This coul...
ROS-20250121-05
A vulnerability in the modsql component of the ProFTPD FTP server is related to privilege management errors. Exploitation of the vulnerability could allow an attacker acting remotely to elevate his privileges to the root user...
SQL Injection Vulnerability in Ruiyou Skywing Application Virtualization System of Xi'an Ruiyou Information Technology Information Co.
Ruiyou Tianyi Application Virtualization System is a domestic application virtualization platform with independent intellectual property rights, which is based on Server-based Computing SBC. Xi'an Ruiyou Information Technology Co., Ltd. Ruiyou Tianyi Application Virtualization System suffers from...
File upload vulnerability in the education cloud platform of Beijing Zhongqing Modern Technology Co. Ltd (CNVD-C-2024-945982)
Beijing Zhongqing Modern Technology Co., Ltd. is a high-tech enterprise founded in 1993, specializing in providing educational users with products and solutions such as recording and broadcasting system, three classrooms and smart classrooms. A file upload vulnerability exists in the education...
FeehiCMS code issue vulnerability (CNVD-2024-37609)
FeehiCMS is a content management system CMS based on the Yii2 framework, aiming to provide Yii2 enthusiasts with a full-featured CMS system so that developers can focus more on the development of business functions. A security vulnerability exists in FeehiCMS. The vulnerability is related to the...
File Upload Vulnerability in EG2000K of Beijing StarNet Ruijie Network Technology Co.
Ruijie Networks, founded in 2003, is an industry-leading ICT infrastructure and solutions provider. A file upload vulnerability exists in the EG2000K of Beijing StarNet Ruijie Network Technology Co. Ltd, which can be exploited by attackers to gain server privileges...
[SECURITY] [DSA 5657-1] xorg-server security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5657-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso April 12, 2024 https://www.debian.org/security/faq -...
CVE-2024-28033
OS command injection vulnerability exists in WebProxy 1.7.8 and 1.7.9, which may allow a remote unauthenticated attacker to execute an arbitrary OS command with the privilege of the running web server. Note that the developer was unreachable, therefore, users should consider stop using WebProxy...
JVN#17176449: ffBull vulnerable to OS command injection
ffBull according to the original report submitted by the reporter provided by Fortunefield is a bulletin board system BBS. ffBull contains an OS command injection vulnerability CWE-78. Impact A remote unauthenticated attacker may execute an arbitrary OS command with the privilege of the running w...
Exploit for CVE-2023-38646
CVE-2023-38646 - Metabase RCE Metabase open source before 0.46...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : xtrans (SUSE-SU-2023:3190-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2023:3190-1 advisory. - CVE-2020-25697: Fixed local privilege escalation via TRANSABSTRACT on the client side bsc1178613. Tenab...
Exploit for CVE-2023-38646
CVE-2023-38646 - Metabase Pre-auth RCE !Untitled presentatio...
CVE-2023-38646
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2...
Design/Logic Flaw
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2...
CVE-2023-38646
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2...
Arbitrary File Upload
yuan1994/tpadmin is vulnerable to Arbitrary File Upload. The vulnerability exists because the library does not properly validate files uploaded in Upload.php, allowing an attacker to bypass the file upload restrictions and take over server privilege...
tigervnc security update
1.12.0-9 - xorg-x11-server: DeepCopyPointerClasses use-after-free leads to privilege elevation Resolves: bz2167057...
Microsoft Exchange Server Elevation of Privilege Vulnerability
...