A flaw was found in ghostscript, versions 9.x before 9.50, in the setsystemparams procedure whe…

In WhatsUp Gold versions released before 2024.0.1, a remote unauthenticated attacker could leve…

An API endpoint that should be limited to web application administrators is hidden from, but ac…

An API endpoint that should be limited to web application administrators is hidden from, but ac…

A vulnerability in the API of Cisco Catalyst SD-WAN Manager could allow an authenticated, remot…

An authenticated, read-only user can kill any processes running on the Xormon Original virtual …

Fred MODX Revolution < 1.0.0-beta5 is affected by: Incorrect Access Control - CWE-648. The impa…

A flaw was found in, ghostscript versions prior to 9.50, in the .pdf_hook_DSC_Creator procedure…

An API endpoint that should be limited to web application administrators is hidden from, but ac…

A flaw was found in all versions of ghostscript 9.x before 9.50, where the `.charkeys` procedur…

Incorrect Use of Privileged APIs in GitHub repository polonel/trudesk prior to 1.2.4.

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsu…

It was found that the forceput operator could be extracted from the DefineResource method in gh…

It was found that the superexec operator was available in the internal dictionary in ghostscrip…

A flaw was found in all ghostscript versions 9.x before 9.50, in the .setuserparams2 procedure …

In ghostscript before version 9.50, the .buildfont1 procedure did not properly secure its privi…

libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents wi…

A flaw was found in, ghostscript versions prior to 9.50, in the .pdfexectoken and other procedu…

It was found that in ghostscript some privileged operators remained accessible from various pla…

By holding a reference to the eval() function from an about:blank window, a malicious webpage c…

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) c…

The D-Link DSL6740C modem has an Incorrect Use of Privileged APIs vulnerability, allowing unaut…

Specially crafted API calls may allow an authenticated user who holds Organization Owner privil…

Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode and the kernel supports un…

XWiki Commons are technical libraries common to several other top level XWiki projects. The Doc…

XWiki Platform is a generic wiki platform offering runtime services for applications built on t…

Dell PPDM versions 19.12, 19.11 and 19.10, contain an improper access control vulnerability. A…

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1.

A Built-in extension in Whale browser before 3.12.129.46 allows attackers to compromise the ren…

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.0.

In MongoDB Ops Manager v5.0 prior to 5.0.22 and v6.0 prior to 6.0.17 it is possible for an auth…

A vulnerability in the web-based management interface of Cisco Identity Services Engine could a…

Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows C…

Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows C…

Incorrect Use of Privileged APIs vulnerability in Yepas Digital Yepas allows Collect Data as Pr…

An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise…

The Web Request API in Whale browser before 3.12.129.18 allowed to deny access to the extension…

A vulnerability in the OpenAPI of Cisco Secure Workload could allow an authenticated, remote at…

Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1.

XWiki Platform is a generic wiki platform offering runtime services for applications built on t…