Insecure permissions in hwameistor v0.14.3 allows attackers to access sensitive data and escalate privileges by obtaining the service account's token.
This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 17.4, iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, watchOS 10.4. An app may be able to elevate privileges.
An issue was discovered in Couchbase Server before 7.2.x before 7.2.4. otpCookie is shown with full admin on pools/default/serverGroups and engageCluster2.
eLabFTW is an open source electronic lab notebook for research labs. In the context of eLabFTW, an administrator is a user account with certain privileges to manage users and content in their assigned...
In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface (MMI).
Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via ...
A vulnerability, which was classified as critical, has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513. This issue affects the function setWiFiEasyCfg/setWiFiEasyGuestCfg of the file /cgi-bin/cste...