24 matches found
Astra Linux - vulnerability in symfony
Symfony is a PHP framework for web and console applications, along with a set of reusable PHP components. The ability to enumerate users was possible without requiring relevant permissions, as the handling differed depending on whether the user existed or not when trying to use the “switch users”...
Pachno security vulnerability
Pachno is an open-source collaboration platform developed by Pachno. Version 1.0.6 of Pachno contains a security vulnerability. This vulnerability stems from an authentication bypass in the runSwitchUser operation, which may allow low-privilege users to gain higher privileges...
Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 : util-linux vulnerability (USN-8091-1)
The remote Ubuntu 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by a vulnerability as referenced in the USN-8091-1 advisory. It was discovered that the util-linux su utility did not drop capabilities when being used with the --pty option. While not a...
USN-8091-1: util-linux vulnerability
It was discovered that the util-linux su utility did not drop capabilities when being used with the --pty option. While not a security issue by itself, a local attacker could possibly use the su tool to exploit vulnerabilities in other applications...
CVE-2026-0492 Privilege escalation vulnerability in SAP HANA database
SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could result in a total compromise of the system's confidentiality, integrity, and availability...
[SECURITY] Fedora 43 Update: sudo-rs-0.2.10-1.fc43
A memory safe implementation of sudo and su...
EUVD-2021-0960
Malware in sbrugna...
EUVD-2024-43533
Malicious code in bioql PyPI...
CVE-2024-49675
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass. This issue affects iBryl Switch User: from n/a through <= 1.0.1...
Exploit for CVE-2024-9890
CVE-2024-9890 User Toolkit = 1.2.3 - Authenticated Subscrib...
CVE-2024-49675
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii Bryl iBryl Switch User allows Authentication Bypass. This issue affects iBryl Switch User: from n/a through 1.0.1...
CVE-2024-49675
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass. This issue affects iBryl Switch User: from n/a through <= 1.0.1...
CVE-2024-49675
CVE-2024-49675 concerns the WordPress plugin iBryl Switch User. Affects versions up to 1.0.1 and earlier, with an Authentication Bypass via an Alternate Path or Channel. Public details across provided docs identify the vulnerability and affected version range, but do not confirm an available fix....
CVE-2024-49675 WordPress iBryl Switch User plugin <= 1.0.1 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass. This issue affects iBryl Switch User: from n/a through <= 1.0.1...
CVE-2024-49675 WordPress iBryl Switch User plugin <= 1.0.1 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass. This issue affects iBryl Switch User: from n/a through <= 1.0.1...
WordPress plugin iBryl Switch User security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exist...
PT-2024-33627 · Ibryl · Ibryl Switch User
Name of the Vulnerable Software and Affected Versions: iBryl Switch User versions 1.0.1 and earlier. Description: The issue is related to an Authentication Bypass Using an Alternate Path or Channel, which affects the iBryl Switch User. This allows for authentication bypass. Recommendations: For...
WordPress iBryl Switch User plugin <= 1.0.1 - Account Takeover vulnerability
Account Takeover vulnerability discovered by stealthcopter (Patchstack Alliance) in WordPress Plugin iBryl Switch User versions <= 1.0.1...
WordPress iBryl Switch User Plugin <= 1.0.1 is vulnerable to Broken Authentication
Software: iBryl Switch User; Type: Plugin; Vulnerable versions: <= 1.0.1; Fixed in: N/A; OWASP Top 10: A7: Identification and Authentication Failures; Classification: Broken Authentication; CVE: CVE-2024-49675; Patch priority: High; CVSS severity: High (8.8); Developer: Claim ownership; PSID: e670b280f106; Credits...
SUSE CVE-2008-3825
pam_krb5 2.2.14 in Red Hat Enterprise Linux (RHEL) 5 and earlier, when the existing_ticket option is enabled, uses incorrect privileges when reading a Kerberos credential cache, which allows local users to gain privileges by setting the KRB5CCNAME environment variable to an arbitrary cache filename a...