Total
766 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-65094 | 1 Wbce | 1 Wbce Cms | 2025-12-15 | N/A | 8.8 HIGH |
| WBCE CMS is a content management system. Prior to version 1.6.4, a low-privileged user in WBCE CMS can escalate their privileges to the Administrators group by manipulating the groups[] parameter in the /admin/users/save.php request. The UI restricts users to assigning only their existing group, but server-side validation is missing, allowing attackers to overwrite their group membership and obtain full administrative access. This results in a complete compromise of the CMS. This issue has been patched in version 1.6.4. | |||||
| CVE-2024-12678 | 1 Hashicorp | 1 Nomad | 2025-12-12 | N/A | 6.5 MEDIUM |
| Nomad Community and Nomad Enterprise ("Nomad") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. This vulnerability, identified as CVE-2024-12678, is fixed in Nomad Community Edition 1.9.4 and Nomad Enterprise 1.9.4, 1.8.8, and 1.7.16. | |||||
| CVE-2025-59945 | 1 Syslifters | 1 Sysreptor | 2025-12-11 | N/A | 8.1 HIGH |
| SysReptor is a fully customizable pentest reporting platform. In versions from 2024.74 to before 2025.83, authenticated and unprivileged (non-admin) users can assign the is_project_admin permission to their own user. This allows users to read, modify and delete pentesting projects they are not members of and are therefore not supposed to access. This issue has been patched in version 2025.83. | |||||
| CVE-2025-3199 | 1 Pandarobot | 1 Ruoyi Ai | 2025-12-08 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in ageerle ruoyi-ai up to 2.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file ruoyi-modules/ruoyi-system/src/main/java/org/ruoyi/system/controller/system/SysModelController.java of the component API Interface. The manipulation leads to improper authorization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.2 is able to address this issue. The name of the patch is c0daf641fb25b244591b7a6c3affa35c69d321fe. It is recommended to upgrade the affected component. | |||||
| CVE-2025-66296 | 1 Getgrav | 1 Grav | 2025-12-04 | N/A | 8.8 HIGH |
| Grav is a file-based Web platform. Prior to 1.8.0-beta.27, a privilege escalation vulnerability exists in Grav’s Admin plugin due to the absence of username uniqueness validation when creating users. A user with the create user permission can create a new account using the same username as an existing administrator account, set a new password/email, and then log in as that administrator. This effectively allows privilege escalation from limited user-manager permissions to full administrator access. This vulnerability is fixed in 1.8.0-beta.27. | |||||
| CVE-2025-13787 | 1 Zentao | 1 Zentao | 2025-12-04 | 5.5 MEDIUM | 5.4 MEDIUM |
| A flaw has been found in ZenTao up to 21.7.6-8564. The affected element is the function file::delete of the file module/file/control.php of the component File Handler. Executing manipulation of the argument fileID can lead to improper privilege management. It is possible to launch the attack remotely. Upgrading to version 21.7.7 is sufficient to fix this issue. You should upgrade the affected component. | |||||
| CVE-2025-64761 | 1 Openbao | 1 Openbao | 2025-12-01 | N/A | 7.2 HIGH |
| OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a privileged operator could use the identity group subsystem to add a root policy to a group identity group, escalating their or another user's permissions in the system. Specifically this is an issue when: an operator in the root namespace has access to identity/groups endpoints and an operator does not have policy access. Otherwise, an operator with policy access could create or modify an existing policy to grant root-equivalent permissions through the sudo capability. This issue has been patched in version 2.4.4. | |||||
| CVE-2025-5409 | 1 Mist | 1 Mist | 2025-11-25 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability was found in Mist Community Edition up to 4.7.1. It has been classified as critical. This affects the function create_token of the file src/mist/api/auth/views.py of the component API Token Handler. The manipulation leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.7.2 is able to address this issue. The identifier of the patch is db10ecb62ac832c1ed4924556d167efb9bc07fad. It is recommended to upgrade the affected component. | |||||
| CVE-2024-12235 | 1 Tongzhouyun | 1 Agilebpm | 2025-11-12 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 1.0.0. It has been declared as critical. Affected by this vulnerability is the function doFilter of the file \agile-bpm-basic-master\ab-auth\ab-auth-spring-security-oauth2\src\main\java\com\dstz\auth\filter\AuthorizationTokenCheckFilter.java. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-27095 | 1 Fit2cloud | 1 Jumpserver | 2025-11-12 | N/A | 4.3 MEDIUM |
| JumpServer is an open source bastion host and an operation and maintenance security audit system. Prior to 4.8.0 and 3.10.18, an attacker with a low-privileged account can access the Kubernetes session feature and manipulate the kubeconfig file to redirect API requests to an external server controlled by the attacker. This allows the attacker to intercept and capture the Kubernetes cluster token. This can potentially allow unauthorized access to the cluster and compromise its security. This vulnerability is fixed in 4.8.0 and 3.10.18. | |||||
| CVE-2024-58273 | 1 Nagios | 1 Log Server | 2025-11-06 | N/A | 7.8 HIGH |
| Nagios Log Server versions prior to 2024R1.0.2 contain a local privilege escalation vulnerability that allows an attacker who could execute commands as the Apache web user (or the backend shell user) to escalate to root on the host. | |||||
| CVE-2025-62645 | 1 Rbi | 1 Restaurant Brands International Assistant | 2025-11-04 | N/A | 9.9 CRITICAL |
| The Restaurant Brands International (RBI) assistant platform through 2025-09-06 allows a remote authenticated attacker to obtain a token with administrative privileges for the entire platform via the createToken GraphQL mutation. | |||||
| CVE-2024-10978 | 2 Debian, Postgresql | 2 Debian Linux, Postgresql | 2025-11-03 | N/A | 4.2 MEDIUM |
| Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET SESSION AUTHORIZATION, or an equivalent feature. The problem arises when an application query uses parameters from the attacker or conveys query results to the attacker. If that query reacts to current_setting('role') or the current user ID, it may modify or return data as though the session had not used SET ROLE or SET SESSION AUTHORIZATION. The attacker does not control which incorrect user ID applies. Query text from less-privileged sources is not a concern here, because SET ROLE and SET SESSION AUTHORIZATION are not sandboxes for unvetted queries. Versions before PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 are affected. | |||||
| CVE-2025-43260 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 5.1 MEDIUM |
| This issue was addressed with improved data protection. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7. An app may be able to hijack entitlements granted to other privileged apps. | |||||
| CVE-2025-11641 | 1 Furbo | 4 Furbo 360 Dog Camera, Furbo 360 Dog Camera Firmware, Furbo Mini and 1 more | 2025-10-30 | 3.7 LOW | 3.9 LOW |
| A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. This impacts an unknown function of the component Trial Restriction Handler. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The attack is considered to have high complexity. The exploitability is said to be difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-42936 | 1 Sap | 1 Sap Basis | 2025-10-23 | N/A | 5.4 MEDIUM |
| The SAP NetWeaver Application Server for ABAP does not enable an administrator to assign distinguished authorizations for different user roles, this issue allows authenticated users to access restricted objects in the barcode interface, leading to privilege escalation. This results in a low impact on the confidentiality and integrity of the application, there is no impact on availability. | |||||
| CVE-2025-2320 | 1 274056675 | 1 Springboot-openai-chatgpt | 2025-10-22 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability has been found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this vulnerability is the function submit of the file /api/blade-user/submit of the component User Handler. The manipulation leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-2334 | 1 274056675 | 1 Springboot-openai-chatgpt | 2025-10-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| A vulnerability classified as problematic has been found in 274056675 springboot-openai-chatgpt e84f6f5. This affects the function deleteChat of the file /api/mjkj-chat/chat/ai/delete/chat of the component Chat History Handler. The manipulation of the argument chatListId leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4016 | 1 Xxyopen | 1 Novel-plus | 2025-10-17 | 5.5 MEDIUM | 5.4 MEDIUM |
| A vulnerability classified as critical has been found in 20120630 Novel-Plus up to 0e156c04b4b7ce0563bef6c97af4476fcda8f160. This affects the function deleteIndex of the file novel-admin/src/main/java/com/java2nb/common/controller/LogController.java. The manipulation leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2025-58322 | 1 Navercorp | 1 Mybox | 2025-10-16 | N/A | 7.8 HIGH |
| NAVER MYBOX Explorer for Windows before 3.0.8.133 allows a local attacker to escalate privileges to NT AUTHORITY\SYSTEM by invoking arbitrary DLLs due to improper privilege checks. | |||||