PT-2026-30020

Impact An authenticated user using the auth users plugin authentication method could install a custom package even if this user is not superuser. Patches This is fixed in the version 2.2.15. Users should upgrade to this version as soon as possible...

CVE-2026-23526 CVAT vulnerable to privilege escalation of users with staff status

CVAT is an open source interactive video and image annotation tool for computer vision. In versions 1.0.0 through 2.54.0, users that have the staff status may freely change their permissions, including giving themselves superuser status and joining the admin group, which gives them full access to...

EUVD-2026-3773

CVAT is an open source interactive video and image annotation tool for computer vision. In versions 1.0.0 through 2.54.0, users that have the staff status may freely change their permissions, including giving themselves superuser status and joining the admin group, which gives them full access to...

Phrack55:Klog

Rewrite pointer to memory window ------- Phrack Magazine --- Vol. 9 | Issue 55 --- 09.09.99 --- 08 of 19 ------------------------ Rewrite pointer to memory window -------- klog ---- Introduction If buffers can be overflowed, then by overwriting critical data, stored in the address space of the...

Символьные линки в wmtv (symbolic link)

При записи файла конфигурации не сбрасываются права суперпользователя и не проверяются символьные линки...

unixware.Xsco.txt

-----Original Message----- Date: Fri, 26 Nov 1999 04:27:16 +0300 MSK From: Matt Conover To: [email protected] Subject: w00giving '99 6: UnixWare 7's Xsco Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII w00w00 Security Development WSD...