10 matches found
PT-2025-26354 · Unknown · Thanhtungtnt Video List Manager
Name of the Vulnerable Software and Affected Versions: thanhtungtnt Video List Manager versions 1.7 and earlier Description: The issue is related to a Missing Authorization vulnerability, which allows accessing functionality not properly constrained by ACLs. Recommendations: For thanhtungtnt Vide...
CVE-2024-0456
An authorization vulnerability exists in GitLab versions 14.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1. An unauthorized attacker is able to assign arbitrary users to MRs that they created within the project...
CVE-2024-45488
One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthorized access because of an issue related to cookies. This only affects virtual appliance installations (VMware or HyperV). The fixed versions are 7.0.5.1 LTS, 7.4.2, and 7.5.2...
CVE-2025-39350 WordPress wProject theme < 5.8.0 - Unauthenticated Post/Comment/Attachment Modification/Deletion vulnerability
Missing Authorization vulnerability in Rocket Apps wProject. This issue affects wProject: from n/a before 5.8.0...
Unauthorized Access
Zitadel is vulnerable to Unauthorized Access. The vulnerability is due to the improper decoupling of the application lifecycle from the organization's lifecycle. Specifically, when an organization is deactivated in Zitadel, its associated applications remain active, allowing users from other...
SUSE-SU-2020:0660-1 Security update for openstack-manila
This update for openstack-manila fixes the following issues: - CVE-2020-9543: Fixed an issue where other project users could view, update, delete, or share resources that do not belong to them, due to a context-free lookup of a UUID bsc1165643...
Symantec ICSP Unauthorized Access
SUMMARY Symantec has released an update to address an issue that was discovered in the Industrial Control System Protection ICSP product. AFFECTED PRODUCTS Industrial Control System Protection ICSP --- CVE | Affected Versions | Remediation CVE-2019-18380 | ICSP 6.x.x | Upgrade to ICSP 6.1.1.123...
ArGoSoft FTP Server .lnk Shortcut Upload Arbitrary File Manipulation
The remote host is running ArGoSoft FTP Server. It is reported that ArGoSoft FTP Server is prone to an attack that allows link upload. An attacker, exploiting this flaw, may be able to have read and write access to any files and directories on the FTP server. C Tenable Network Security, Inc...
DATEV Nutzungskontrolle 2.12.2 - Unauthorized Access
DATEV Nutzungskontrolle 2.12.2 - Unauthorized Access source: https://www.securityfocus.com/bid/8950/info It has been reported that DATEV Nutzungskontrolle may be prone to an access validation issue that may allow a local attacker to gain access to sensitive data. The issue presents itself as a loc...
Unauthorized access via starscream/skank in ISS RealSecure
In the default installation, additional rights are granted to the user account skank from the starscream host...