131 matches found
CVE-2026-2311
creationtimestamp| type| source ---|---|--- 2026-04-30 22:41:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mkqoocef4e2c...
Security Bulletin: IBM i is affected by a privilege escalation vulnerability in Web Administration GUI [CVE-2026-2311]
Summary Web Administration GUI for IBM i is vulnerable to privilege escalation caused by an invalid authorization check as described in the vulnerability details section. Vulnerability Details CVEID:CVE-2026-2311 DESCRIPTION: IBM i is vulnerable to privilege escalation caused by an invalid IBM i...
EUVD-2026-2311
In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...
Huawei EulerOS: Security Advisory for sudo (EulerOS-SA-2025-2311)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-2311
Vulnerability in the Oracle Hospitality Inventory Management product of Oracle Food and Beverage Applications component: Export to Reporting and Analytics. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP...
CVE-2013-2311
Cross-site scripting XSS vulnerability in static/js/share.js aka the social bookmarking widget in Web2py before 2.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2025-2311
Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information via API Event...
CVE-2025-2311
creationtimestamp| type| source ---|---|--- 2025-03-20 12:40:22+00:00| seen| https://bsky.app/profile/cyberalerts.bsky.social/post/3lkspsiq2ef2v 2025-03-20 13:03:07+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114194893182150078 2025-03-20 13:58:39+00:00| seen|...
CVE-2025-2311
Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information via API Event...
CVE-2025-2311 Authentication Bypass in Sechard Information Technologies' SecHard
Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information via API Event...
CVE-2025-2311
CVE-2025-2311 affects Sechard Information Technologies’ SecHard prior to 3.3.0.20220411. The root causes cited are Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, and Insufficiently Protected Credentials. Exposed impacts include Authentication Bypass, Interface ...
CVE-2024-42423
The CVE-2024-42423 entry concerns Citrix Workspace App 23.9.0.24.4 on Dell ThinOS 2311 with an Incorrect Authorization vulnerability when Citrix CEB is enabled for WebLogin. A local, unauthenticated user with low privileges could bypass controls, potentially leading to information disclosure and ...
Malicious code in wlwz-2311-4202 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware edb2ef58709bbb10b0e4b8a8f60ef3590e147d4825a37b8c4ac1605fa215cec7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wlwz-2311-4901 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e9ae3d92ff4893c8e9d8ed1e315dddfd361e89bf8a09683823ce712bb09fe229 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-174 Malicious code in wlwz-2311-5600 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b11d2225504316c6ba5d94d64e0cd25351c0db51aa106188ecf04a58004ffe0b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-175 Malicious code in wlwz-2311-6208 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 697d158d5ab8fcf534374358bc3929b95bf31d131f987c186c073e2f081c9b59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wlwz-2311-6208 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 697d158d5ab8fcf534374358bc3929b95bf31d131f987c186c073e2f081c9b59 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
Malicious code in wlwz-2311-6907 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c863438ea0ebc563c96600add848dd0022187209efc75f264d2416169a3e1c0c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-176 Malicious code in wlwz-2311-6907 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware c863438ea0ebc563c96600add848dd0022187209efc75f264d2416169a3e1c0c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2024-172 Malicious code in wlwz-2311-4202 (npm)
--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware edb2ef58709bbb10b0e4b8a8f60ef3590e147d4825a37b8c4ac1605fa215cec7 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...