2 matches found
CVE-2020-15261
On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users both students and teachers usually don't have...
CVE-2001-1278
Zope vulnerable before 2.2.4: partially trusted users could bypass security checks by invoking methods via the fmt attribute of dtml-var tags. The Mandrake MDKSA-2001:080 hotfix addresses this DTML scripting issue, remedying the fmt access problem and preventing unauthorized method calls. The vul...