80 matches found

EUVD
added 2026/05/22 10:4 p.m., 5 views

EUVD-2026-31522

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...

CVSS 10, AI score 5.8, EPSS 0.00043
Exploits: 0, References: 1

Microsoft CVE
added 2026/05/21 2:0 p.m., 9 views

Microsoft Entra ID Elevation of Privilege Vulnerability

Origin validation error in Microsoft Entra ID allows an unauthorized attacker to elevate privileges over a network...

CVSS 10, AI score 5.8, EPSS 0.00043
Exploits: 0

NVD
added 2026/05/12 6:17 p.m., 7 views

CVE-2026-41103

Incorrect implementation of authentication algorithm in Microsoft SSO Plugin for Jira & Confluence allows an unauthorized attacker to elevate privileges over a network...

CVSS 9.1, EPSS 0.00171
Exploits: 0, References: 1

CNNVD
added 2026/05/07 12:0 a.m., 4 views

Microsoft Azure AI Foundry M365 published agents access control error vulnerability

Microsoft Azure AI Foundry M365 Published Agents are a series of enterprise-level intelligent agents provided by the American company Microsoft. There is an access control vulnerability in Microsoft Azure AI Foundry M365 Published Agents. This vulnerability stems from improper access control, whi...

CVSS 10, AI score 5.8, EPSS 0.00072
Exploits: 0, References: 2

CNNVD
added 2026/05/06 12:0 a.m., 2 views

HCL BigFix Service Management log information disclosure vulnerability

HCL BigFix Service Management is an IT service management and asset management platform developed by the Indian company HCL. HCL BigFix Service Management has a vulnerability related to log information leakage. This vulnerability stems from ineffective access control, which may lead to unauthoriz...

CVSS 8.3, AI score 5.8, EPSS 0.00049
Exploits: 0, References: 1

CNNVD
added 2026/03/26 12:0 a.m., 4 views

Keycloak security vulnerability

Keycloak is an open-source identity and access management solution developed by Keycloak. There is a security vulnerability in Keycloak, which stems from improper configuration of manage-clients permissions, potentially leading to unauthorized privilege escalation...

CVSS 7.2, AI score 5.8, EPSS 0.00012
Exploits: 0, References: 3

RedhatCVE
added 2026/02/26 4:15 a.m., 2 views

CVE-2026-2914

CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs...

CVSS 8.5, AI score 5.3, EPSS 0.00007
Exploits: 0, References: 1

ATTACKERKB
added 2026/02/25 1:33 a.m., 1 view

CVE-2026-2914

CyberArk Endpoint Privilege Manager Agent versions 25.10.0 and lower allow potential unauthorized privilege elevation leveraging CyberArk elevation dialogs...

CVSS 8.5, AI score 5.3, EPSS 0.00007
Exploits: 0, References: 3, Affected Software: 1

CVE
added 2026/02/25 1:33 a.m., 8 views

CVE-2026-2914

CVE-2026-2914 affects CyberArk Endpoint Privilege Manager Agent

CVSS 8.5, AI score 5.3, EPSS 0.00007
Exploits: 0, References: 2, Affected Software: 1

CNNVD
added 2026/02/15 12:0 a.m., 2 views

eNet SMART HOME server security vulnerability

The eNet SMART HOME server is a wireless smart home console developed by the German company eNet. There are security vulnerabilities in the eNet SMART HOME server 2.2.1 and 2.3.1 versions. These vulnerabilities stem from insufficient authorization checks in the setUserGroup JSON-RPC method, which...

CVSS 9.8, AI score 5.8, EPSS 0.00028
Exploits: 2, References: 2

Tenable Nessus
added 2026/02/03 12:0 a.m., 2 views

Linux Distros Unpatched Vulnerability : CVE-2025-14559

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the keycloak-services component of Keycloak. This vulnerability allows the issuance of access and refresh tokens for disabled users, leading...

CVSS 6.5, AI score 5.3, EPSS 0.00016
Exploits: 0, References: 2

CNNVD
added 2026/01/22 12:0 a.m., 2 views

WordPress plugin xSmart has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVSS 8.8, AI score 5.8, EPSS 0.00075
Exploits: 0, References: 1

Positive Technologies
added 2026/01/22 12:0 a.m., 2 views

PT-2026-4312

Name of the Vulnerable Software and Affected Versions: Azure Front Door AFD affected versions not specified Description: An improper access control issue exists in Azure Front Door AFD. This allows an unauthorized attacker to elevate privileges over a network. Recommendations: At the moment, there i...

CVSS 9.8, AI score 5.3, EPSS 0.00093
Exploits: 0, References: 6

RedhatCVE
added 2026/01/09 10:19 a.m., 4 views

CVE-2019-18916

A potential security vulnerability has been identified for HP LaserJet Solution Software for certain HP LaserJet Printers which may lead to unauthorized elevation of privilege on the client...

CVSS 7.8, AI score 7.1, EPSS 0.00051
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 2 views

EUVD-2025-25589

Malicious code in bioql PyPI...

CVSS 9.8, AI score 6.5, EPSS 0.00697
Exploits: 0, References: 1

Vulnrichment
added 2025/09/18 7:11 p.m., 1 view

CVE-2025-10650 Improper SSH Key Handling in Internal Debug Builds May Grant Cluster-Level Access to Non-Administrative Users

SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH keys to the administrator-level authorized keys under certain conditions, allowing unauthorized privilege escalation to admin via SSH. Affects non-production debug and internal development builds created between versions 2.5.0 a...

CVSS 1.8, AI score 5.5, EPSS 0.00015
Exploits: 0, References: 1

Positive Technologies
added 2025/06/10 12:0 a.m., 1 view

PT-2025-24855 · Microsoft · Windows Netlogon +1

Name of the Vulnerable Software and Affected Versions: Windows Netlogon affected versions not specified Description: The issue is related to the use of an uninitialized resource in Windows Netlogon, allowing an unauthorized attacker to elevate privileges over a network. Recommendations: At the...

CVSS 8.1, AI score 9, EPSS 0.00843
Exploits: 0, References: 20

Microsoft CVE
added 2025/04/08 7:0 a.m., 13 views

Windows Kerberos Elevation of Privilege Vulnerability

Improper input validation in Windows Kerberos allows an authorized attacker to elevate privileges over a network...

CVSS 8.8, AI score 7.7, EPSS 0.04731
Exploits: 0

Tenable Nessus
added 2025/03/05 12:0 a.m., 8 views

Linux Distros Unpatched Vulnerability : CVE-2023-30630

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible...

CVSS 7.1, AI score 6.8, EPSS 0.00047
Exploits: 1, References: 3

VulnCheck KEV
added 2025/02/19 12:0 a.m., 0 views

VulnCheck KEV: CVE-2025-24989

Microsoft Power Pages contains an improper access control vulnerability that allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control...

CVSS 9.8, AI score 7.3, EPSS 0.31624
Exploits: 0, References: 1