Cube is a semantic layer for building data applications. From 0.27.19 to before 1.5.13, 1.4.2, and 1.0.14, it is possible to make a specially crafted request with a valid API token that leads to privi
Cube is a semantic layer for building data applications. From 1.1.17 to before 1.5.13 and 1.4.2, it is possible to make the entire Cube API unavailable by submitting a specially crafted request to a C
The node-cube package (prior to version 5.0.0) contains a vulnerability in its handling of prototype chain initialization, which could allow an attacker to inject properties into the prototype of buil
Incorrect Privilege Assignment vulnerability in Imran Tauqeer CubeWP cubewp-framework allows Privilege Escalation.This issue affects CubeWP: from n/a through <= 1.1.24.
A vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8.
Incorrect Privilege Assignment vulnerability in Sergey AIWU allows Privilege Escalation.
This issue affects AIWU: from n/a through 1.4.17.
Craft is a platform for creating digital experiences. In Craft versions from 4.0.0-RC1 to before 4.17.0-beta.1 and 5.9.0-beta.1, there is a Privilege Escalation vulnerability in Craft CMS’s GraphQL AP
Incorrect Privilege Assignment vulnerability in GoodLayers Goodlayers Core goodlayers-core allows Privilege Escalation.This issue affects Goodlayers Core: from n/a through < 2.1.7.
Dimension versions 4.1.4 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of t
An issue was discovered in CyberDAVA before 1.1.20. A privilege escalation vulnerability allows a low-privileged user to escalate their privilege by abusing the following API due to the lack of access
CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Server-Side Template Injection (SSTI) vulnerability exists in multiple modules of CubeCart (including Email Templates, Invo
Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP custom-api-for-wp allows Privilege Escalation.This issue affects Custom API for WP: from n/a through <= 4.2.2.
Incorrect Privilege Assignment vulnerability in SeventhQueen K Elements k-elements allows Privilege Escalation.This issue affects K Elements: from n/a through < 5.4.0.
Improper neutralization of special elements used in SQL command in some Intel(R) Neural Compressor software before version v3.0 may allow an authenticated user to potentially enable escalation of priv
Uncontrolled search path for some Intel(R) Graphics Software before version 25.22.1502.2 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an
CubeCart is an ecommerce software solution. Prior to 6.7.0, an Authenticated Arbitrary File Upload vulnerability exists in the REST API File Manager endpoint (POST /api/v1/files) of CubeCart. The endp
Incorrect Privilege Assignment vulnerability in axiomthemes smart SEO smartSEO allows Privilege Escalation.This issue affects smart SEO: from n/a through <= 4.0.
MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local at
Incorrect Privilege Assignment vulnerability in e-plugins WP Membership wp-membership allows Privilege Escalation.This issue affects WP Membership: from n/a through <= 1.6.4.
Incorrect Privilege Assignment vulnerability in Modular DS modular-connector allows Privilege Escalation.This issue affects Modular DS: from 2.5.2 before 2.6.0.
Page 1+ Next →