CVE-2025-2324 A MOVEit Transfer user configured as a Shared Account can gain unintended List permissions on a folder

Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer SFTP module allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, from 2024.1.0 before 2024.1.2...

CVE-2025-2324 A MOVEit Transfer user configured as a Shared Account can gain unintended List permissions on a folder

Improper Privilege Management vulnerability for users configured as Shared Accounts in Progress MOVEit Transfer SFTP module allows Privilege Escalation.This issue affects MOVEit Transfer: from 2023.1.0 before 2023.1.12, from 2024.0.0 before 2024.0.8, from 2024.1.0 before 2024.1.2...

Samba 授权问题漏洞

Samba is the standard Windows interoperability suite of programs for Linux and Unix. An authorization issue vulnerability exists in Samba versions prior to 4.16.4, which stems from the KDC and kpasswd services sharing an account and a set of keys, which in some cases makes both services vulnerabl...

CFME: VMRC plugin console grants users administrative access

A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC VMWare Remote Console functions that may not be appropriate for users of CloudForms and thus this account. An attacker could use this vulnerability t...