57 matches found
EUVD-2026-41374
In Progress Flowmon ADS versions prior to 12.5.6 and 13.0.5, a vulnerability exists whereby an adversary who is authenticated as a low-privileged user in the Anomaly Detection System ADS may send specially crafted requests that could result in unauthorized access to application data and its...
CVE-2026-52754
Ghidra before 12.1 contains an authentication bypass vulnerability in PKIAuthenticationModule.authenticate that allows any user with a valid CA-signed certificate to impersonate other users by presenting their public certificate with a null signature. Attackers can escalate privileges, modify...
BIT-JAVA-2020-2585
Vulnerability in the Java SE product of Oracle Java SE component: JavaFX. The supported version that is affected is Java SE: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...
CVE-2019-7872
An insecure direct object reference IDOR vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2 due to insufficient authorizations checks. This can be abused by a user with admin privileges to add users to company accounts or modify existing us...
CVE-2025-64386 HIJACKING OF THE TOKEN AND GAINING ACCESS
The equipment grants a JWT token for each connection in the timeline, but during an active valid session, a hijacking of the token can be done. This will allow an attacker with the token modify parameters of security, access or even steal the session without the legitimate and active session...
Deno's --deny-write check does not prevent permission bypass
Summary Deno.FsFile.prototype.utime and Deno.FsFile.prototype.utimeSync are not limited by the permission model check --deny-write=./. It's possible to change to change the access atime and modification mtime times on the file stream resource even when the file is opened with read only permission...
EUVD-2019-3331
Malware in sbrugna...
EUVD-2000-0310
Malware in sbrugna...
EUVD-2017-6971
Malware in sbrugna...
EUVD-2017-12307
Malware in sbrugna...
EUVD-2014-8850
Malware in sbrugna...
EUVD-2021-14403
Malware in sbrugna...
EUVD-2023-43990
Malicious code in bioql PyPI...
EUVD-2023-40577
Malicious code in bioql PyPI...
EUVD-2022-32444
Malicious code in bioql PyPI...
EUVD-2024-45753
Malicious code in bioql PyPI...
EUVD-2024-44448
Malicious code in bioql PyPI...
EUVD-2024-54241
Malicious code in bioql PyPI...
EUVD-2022-47506
Malicious code in bioql PyPI...
CVE-2025-0939
The MagicForm plugin for WordPress is vulnerable to access and modification of data due to a missing capability check on the plugin's AJAX actions in all versions up to, and including, 1.6.2. This makes it possible for authenticated attackers, with Subscriber-level access and above, to invoke tho...