Medium
CVSS: 5.3
A vulnerability was found in SIFUSM/MZZYG BD S1 up to 20250611. It has been declared as problematic. This vulnerability affects unknown code of the component RTSP Live Video Stream Endpoint. The manipulation leads to improper access control…
Low
CVSS: 2.3
A vulnerability, which was classified as problematic, was found in 70mai M300 up to 20250611. Affected is an unknown function of the component Web Server. The manipulation leads to improper access controls. The attack can only be initiated…
Medium
CVSS: 5.3
A vulnerability classified as problematic was found in 70mai 1S up to 20250611. This vulnerability affects unknown code of the file /cgi-bin/Config.cgi?action=set of the component Configuration Handler. The manipulation leads to improper au…
Medium
CVSS: 5.5
A vulnerability was found in szluyu99 gin-vue-blog up to 61dd11ccd296e8642a318ada3ef7b3f7776d2410. It has been declared as critical. This vulnerability affects unknown code of the file gin-blog-server/internal/manager.go of the component PA…
High
CVSS: 8.5
XWiki is a generic wiki platform. From 8.2 and 7.4.5 until 17.1.0-rc-1, 16.10.4, and 16.4.7, pages can gain script or programming rights when they contain a link and the target of the link is renamed or moved. This might lead to execution o…
Medium
CVSS: 4.6
An incorrect privilege assignment vulnerability in Palo Alto Networks Cortex® XDR Broker VM allows an authenticated administrative user to execute certain files available within the Broker VM and escalate their privileges to root.
High
CVSS: 8.1
Nomad Community and Nomad Enterprise (“Nomad”) prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterp…
Unknown
CVSS: -
Incorrect Privilege Assignment vulnerability in Holest Engineering Spreadsheet Price Changer for WooCommerce and WP E-commerce – Light excel-like-price-change-for-woocommerce-and-wp-e-commerce-light allows Privilege Escalation.This issue af…
Unknown
CVSS: -
Incorrect Privilege Assignment vulnerability in RomanCode MapSVG mapsvg allows Privilege Escalation.This issue affects MapSVG: from n/a through < 8.6.13.
Unknown
CVSS: -
Incorrect Privilege Assignment vulnerability in ifkooo One-Login one-login allows Privilege Escalation.This issue affects One-Login: from n/a through
High
CVSS: 7.1
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the…
High
CVSS: 8.2
Vulnerability of improper permission assignment in the note sharing module
Impact: Successful exploitation of this vulnerability may affect availability.
Medium
CVSS: 6.9
A vulnerability classified as critical has been found in SourceCodester Student Result Management System 1.0. This affects an unknown part of the file /admin/core/new_user of the component Register Interface. The manipulation leads to impro…
Medium
CVSS: 6.5
An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /course/edit/{id} endpoint.
Medium
CVSS: 6.5
An issue in Unifiedtransform v2.0 allows a remote attacker to escalate privileges via the /students/edit/{id} endpoint.
Medium
CVSS: 6.9
A vulnerability was found in jack0240 魏 bskms 蓝天幼儿园管理系统 up to dffe6640b5b54d8e29da6f060e0493fea74b3fad. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sa/addUser of the component User Creati…
Medium
CVSS: 6.9
A vulnerability, which was classified as critical, has been found in quequnlong shiyi-blog up to 1.2.1. This issue affects some unknown processing of the file /dev api/app/album/photos/. The manipulation leads to improper authorization. The…
Medium
CVSS: 5.3
A vulnerability classified as critical was found in juzaweb CMS up to 3.4.2. This vulnerability affects unknown code of the file /admin-cp/plugin/install of the component Plugins Page. The manipulation leads to improper access controls. The…
Medium
CVSS: 5.3
A vulnerability classified as critical has been found in juzaweb CMS up to 3.4.2. This affects an unknown part of the file /admin-cp/log-viewer of the component Error Logs Page. The manipulation leads to improper access controls. It is poss…
Medium
CVSS: 5.3
A vulnerability was found in juzaweb CMS up to 3.4.2. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin-cp/permalinks of the component Permalinks Page. The manipulation leads to improper…