11 matches found
CVE-2025-34352
JumpCloud Remote Assist for Windows versions prior to 0.317.0 include an uninstaller that is invoked by the JumpCloud Windows Agent as NT AUTHORITY\SYSTEM during agent uninstall or update operations. The Remote Assist uninstaller performs privileged create, write, execute, and delete actions on...
SUSE CVE-2010-3304
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs...
Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs
Overview Adobe ColdFusion fails to properly set ACLs, which can allow an unprivileged Windows user to be able to run arbitrary code with SYSTEM privileges. Description The Adobe ColdFusion installer fails to set a secure access-control list ACL on the default installation directory, such as...
CVE-2016-2393
Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint before 1.00.08 use weak ACLs for unspecified 1 services and 2 files, which allows local users to gain privileges by invalidating local checks...
CVE-2016-2393
Lenovo Fingerprint Manager before 8.01.57 and Lenovo Touch Fingerprint before 1.00.08 expose a privilege-escalation flaw due to weak ACLs on certain services and files, enabling local attackers to bypass checks. Affected software: Fingerprint Manager (<8.01.57) and Touch Fingerprint (
CVE-2016-2393
Lenovo Fingerprint Manager before 8.01.57 and Touch Fingerprint before 1.00.08 use weak ACLs for unspecified 1 services and 2 files, which allows local users to gain privileges by invalidating local checks...
Symantec Backup Exec Server Multiple Vulnerabilities (SYM13-009)
According to its version number, the Symantec Backup Exec Server installed on the remote Windows host is affected by multiple vulnerabilities : - Multiple cross-site scripting vulnerabilities exist in the management console and the beutility console. CVE-2013-4676 - Backup and restore data files...
CVE-2010-3304
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs...
Design/Logic Flaw
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs...
CVE-2010-3304
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs...
CVE-2010-3304
The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in certain configurations, which might allow remote attackers to read mailboxes that have unintended weak ACLs...