Browse and filter security vulnerabilities across ecosystems
Browse and filter security vulnerabilities across ecosystems
Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules
Path Traversal in Altium Enterprise Server Collaboration Service Allows Privilege Escalation
Arista CloudVision Exchange (CVX) Cluster Privilege Escalation via MCS Redis Session
MISP user edit endpoint mass assignment vulnerability allows unauthorized user account modification
Broadcast Receiver Privilege Escalation
Kirki 6.0.0 - 6.0.6 - Unauthenticated Privilege Escalation via 'handle_forgot_password'
nextlevelbuilder GoClaw RoleAdmin Gateway tts_config.go handleSave privileges management
Possible information disclosure via External Interface
Spectra Gutenberg Blocks <= 2.19.25 - Authenticated (Contributor+) Remote Code Execution via Arbitrary PHP Function Call via Block Attributes
Shopper: Authorization bypass and RBAC privilege escalation in team settings
Dokploy: Schedule Authorization Bypass Enables Host/Server Command Execution
RustFS: ImportIam Allows Creation of Backdoor Service Accounts Under Any Parent Including Root
Advanced Custom Fields: Extended <= 0.9.2.5 - Unauthenticated Privilege Escalation via Validation Bypass to '_acf_post_id' Parameter
Local Path Provisioner: HelperPod Template Injection
Privilege Escalation
Frontend Admin by DynamiApps <= 3.29.2 - Unauthenticated Privilege Escalation via Form Configuration Injection
NitroSense V3: Security Vulnerability Information
Budibase: Builder-to-Admin Privilege Escalation via onboardUsers Endpoint Without SMTP Configuration
Budibase: Missing Cache Invalidation on Public API Role Unassignment Allows Revoked Users to Retain Privileges for Up to 1 Hour
Firebase Support & Chat Management <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Privilege Escalation
Showing 1 - 20 of 1,000+ results