9 matches found
CVE-2026-32694
In Juju from version 3.0.0 through 3.6.18, when a secret owner grants permissions to a secret to a grantee, the secret owner relies exclusively on a predictable XID of the secret to verify ownership. This allows a malicious grantee which can request secrets to predict past secrets granted by the...
EUVD-2025-24128
Malicious code in bioql PyPI...
The vulnerability of the Identity Manager software component, used for managing and controlling access to corporate resources and IBM Security Verify Governance applications, allows a perpetrator to gain access to confidential information.
The vulnerability of the Identity Manager software component, which is used for managing and controlling access to corporate resources and applications in IBM Security Verify Governance, is related to the use of weak cryptographic algorithms. Exploiting this vulnerability could allow a malicious...
Foreman 安全漏洞
Foreman is a set of lifecycle management tools for use in physical and virtual servers. The tool provides service provisioning, configuration management, and status reporting. A security vulnerability exists in Foreman that stems from improper handling of authorizations and can be exploited by an...
The vulnerability of Google Chrome browser developer tools lies in improper control of access to critical resources, allowing attackers to gain unauthorized access.
The vulnerability of Google Chrome browser developer tools is related to improper control over access to critical resources. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain unauthorized access to information through a specially created HTML page...
Vulnerability in the Core Kernel of the Android operating system, allowing a hacker to gain access to resources
The vulnerability in the Core Kernel of the Android operating system is related to improper authorization. Exploiting this vulnerability can allow a remote attacker to gain access to resources...
Design/Logic Flaw
The PortletRequestDispatcher in PortletBridge, as used in Red Hat JBoss Portal 6.2.0, does not properly enforce the security constraints of servlets, which allows remote attackers to gain access to resources via a request that asks to render a non-JSF resource...
VMware Products Multiple Vulnerabilities (Linux) Apr09
The host is installed with VMWare products and are prone to Multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: secpodvmwareprdtsmultvulnlinapr09.nasl 5148 2017-01-31 13:16:55Z teissa $ VMware Products Multiple Vulnerabilities Linux Apr09 Authors: Sujit Ghosal Copyright: Copyright c 2009...
CVE-2009-0170
Sun Java System Access Manager 6.3 2005Q1, 7 2005Q4, and 7.1 allows remote authenticated users with console privileges to discover passwords, and obtain unspecified other "access to resources," by visiting the Configuration Items component in the console...