8.8
CVE-2025-45468 -
Insecure permissions in fc-stable-diffusion-plus v1.0.18 allow attackers to escalate privileges and compromise the customer cloud account.
7.8
CVE-2024-40458 -
An issue in Ocuco Innovation Tracking.exe v.2.10.24.51 allows a local attacker to escalate privileges via the modification of TCP packets.
8.8
CVE-2025-45471 -
Insecure permissions in measure-cold-start v1.4.1 allow attackers to escalate privileges and compromise the customer cloud account.
8.8
CVE-2024-52874 -
In Infoblox NETMRI before 7.6.1, authenticated users can perform SQL injection attacks.
9.8
CVE-2024-41198 -
An issue in Ocuco Innovation - REPORTS.EXE v2.10.24.13 allows attackers to bypass authentication and escalate privileges to Administrator via a crafted TCP packet.
7.2
CVE-2025-32813 -
An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur.
7.8
CVE-2024-40459 -
An issue in Ocuco Innovation APPMANAGER.EXE v.2.10.24.51 allows a local attacker to escalate privileges via the application manager function.
5.1
CVE-2025-5059 - Campcodes Online Shopping Portal edit-subcategory.php unrestricted upload
A vulnerability classified as critical has been found in Campcodes Online Shopping Portal 1.0. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument productimage1/productimage2/productimage3 leads to unrestricted upload. It is possible to initiate th…
8.6
CVE-2025-34025 - Versa Concerto Insecure Docker Mount Container Escape
The Versa Concerto SD-WAN orchestration platform is vulnerable to a privilege escalation and container escape vulnerability caused by unsafe default mounting of host binary paths that allow the container to modify host paths. The escape can be used to trigger remote code execution or direct host …
3.5
CVE-2025-48070 - Plane has insecure permissions in UserSerializer
Plane is open-source project management software. Versions prior to 0.23 have insecure permissions in UserSerializer that allow users to change fields that are meant to be read-only, such as email. This can lead to account takeover when chained with another vulnerability such as cross-site scripti…