1853 matches found

OSV
added 2025/04/03 9:15 p.m. · 6 views

CVE-2024-47217

An issue was discovered in Iglu Server 0.13.0 and below. It is similar to CVE-2024-47214, but involves an authenticated endpoint. It can render Iglu Server completely unresponsive. If the operation of Iglu Server is not restored, event processing in the pipeline would eventually halt...

CVSS 6.5 · AI score 6.5
Exploits: 0 · References: 1

OpenVAS
added 2025/04/03 12:0 a.m. · 5 views

Ubuntu: Security Advisory (USN-7405-1)

The remote host is missing an update for the...

CVSS 6.8 · AI score 6.1 · EPSS 0.02787
Exploits: 0 · References: 2

RedhatCVE
added 2025/04/02 11:27 p.m. · 6 views

CVE-2025-30428

This issue was addressed through improved state management. This issue is fixed in iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6. Photos in the Hidden Photos Album may be viewed without authentication...

CVSS 5.4 · AI score 6.3 · EPSS 0.00324
Exploits: 0 · References: 1

RedhatCVE
added 2025/04/02 11:9 p.m. · 11 views

CVE-2025-31194

An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A Shortcut may run with admin privileges without authentication...

CVSS 9.8 · AI score 5.8 · EPSS 0.00939
Exploits: 0 · References: 1

RedhatCVE
added 2025/04/02 10:55 p.m. · 11 views

CVE-2025-31694

Incorrect Authorization vulnerability in Drupal Two-factor Authentication TFA allows Forceful Browsing. This issue affects Two-factor Authentication TFA: from 0.0.0 before 1.10.0...

CVSS 8.1 · AI score 7.3 · EPSS 0.00326
Exploits: 0 · References: 3

RedhatCVE
added 2025/04/02 5:32 a.m. · 11 views

CVE-2025-24517

Use of client-side authentication issue exists in CHOCO TEI WATCHER mini IB-MCT001 all versions. If this issue is exploited, a remote attacker may obtain the product login password without authentication...

CVSS 7.5 · AI score 7.7 · EPSS 0.00714
Exploits: 0 · References: 1

Vulnrichment
added 2025/04/01 9:7 a.m. · 9 views

CVE-2024-56325 Apache Pinot: Authentication bypass issue. If the path does not contain "/" and contains ".", authentication is not required

Authentication Bypass Issue: if the path does not contain "/" and contains ".", authentication is not required. Expected Normal Request and Response Example: curl -X POST -H "Content-Type: application/json" -d...

AI score 9.7 · EPSS 0.7666
Exploits: 0 · References: 1

NVD
added 2025/03/31 11:15 p.m. · 10 views

CVE-2025-31194

An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A Shortcut may run with admin privileges without authentication...

CVSS 9.8 · EPSS 0.00939
Exploits: 0 · References: 6

OSV
added 2025/03/31 11:15 p.m. · 1 view

CVE-2025-31194

An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A Shortcut may run with admin privileges without authentication...

CVSS 9.8 · AI score 5.8
Exploits: 0 · References: 6

CVE
added 2025/03/31 10:22 p.m. · 81 views

CVE-2025-31194

The CVE-2025-31194 entry describes an authentication issue in macOS where a Shortcut could run with admin privileges without authentication. The connected sources confirm the root cause relates to state management, and the vulnerability is mitigated by updates in macOS versions: Ventura 13.7.5, S...

CVSS 9.8 · AI score 5.8 · EPSS 0.00939
Exploits: 0 · References: 6 · Affected Software: 1

Cvelist
added 2025/03/31 10:22 p.m. · 11 views

CVE-2025-31194

An authentication issue was addressed with improved state management. This issue is fixed in macOS Sequoia 15.4, macOS Sonoma 14.7.5, macOS Ventura 13.7.5. A Shortcut may run with admin privileges without authentication...

EPSS 0.00939
Exploits: 0 · References: 3

Vulnrichment
added 2025/03/31 10:22 p.m. · 5 views

CVE-2025-31194

An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A Shortcut may run with admin privileges without authentication...

AI score 6.5 · EPSS 0.00939
Exploits: 0 · References: 3

CVE
added 2025/03/31 10:22 p.m. · 61 views

CVE-2025-30428

CVE-2025-30428 affects Apple iOS/iPadOS with a vulnerability where photos in the Hidden Photos Album could be viewed without authentication. Description: fixed via improved state management. Affected products/versions and fixes per connected sources include iOS 18.4, iPadOS 18.4, and iPadOS 17.7....

CVSS 5.4 · AI score 6.1 · EPSS 0.00324
Exploits: 0 · References: 4 · Affected Software: 2

Vulnrichment
added 2025/03/31 12:55 p.m. · 6 views

CVE-2025-31546 WordPress Swiss Toolkit For WP plugin <= 1.3.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in WP Messiah Swiss Toolkit For WP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Swiss Toolkit For WP: from n/a through 1.3.0...

CVSS 4.3 · AI score 6.9 · EPSS 0.00295
Exploits: 0 · References: 1

CVE
added 2025/03/31 4:48 a.m. · 56 views

CVE-2025-24517

CVE-2025-24517 affects CHOCO TEI WATCHER mini (IB-MCT001) all versions, with a use of client-side authentication vulnerability (CWE-603). A remote attacker could obtain the product login password without authentication, per multiple sources. The connected documents confirm the issue and its impac...

CVSS 7.5 · AI score 7.4 · EPSS 0.00714
Exploits: 0 · References: 4

RedhatCVE
added 2025/03/31 12:33 a.m. · 16 views

CVE-2024-51477

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive username information due to an observable response discrepancy...

CVSS 4.3 · AI score 6.3 · EPSS 0.0024
Exploits: 0 · References: 1

Positive Technologies
added 2025/03/31 12:0 a.m. · 1 view

PT-2025-14006 · Apple · Apple Macos

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 13.7.5; macOS versions prior to 14.7.5; macOS versions prior to 15.4. Description: An authentication issue was addressed with improved state management. A Shortcut may run with admin privileges without authentication...

CVSS 9.8 · AI score 5.9 · EPSS 0.00939
Exploits: 0 · References: 8

Positive Technologies
added 2025/03/31 12:0 a.m. · 2 views

PT-2025-18124 · Apple · Macos Sonoma +7

Name of the Vulnerable Software and Affected Versions: macOS versions prior to 15.4; tvOS versions prior to 18.4; macOS Ventura versions prior to 13.7.5; iPadOS versions prior to 17.7.6; macOS Sonoma versions prior to 14.7.5; iOS versions prior to 18.4; iPadOS versions prior to 18.4; visionOS versions...

CVSS 7.7 · AI score 8.2 · EPSS 0.00345
Exploits: 0 · References: 27

Cvelist
added 2025/03/28 11:51 p.m. · 13 views

CVE-2024-51477 IBM InfoSphere Information Server information disclosure

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive username information due to an observable response discrepancy...

CVSS 4.3 · EPSS 0.0024
Exploits: 0 · References: 1

RedhatCVE
added 2025/03/28 10:42 p.m. · 17 views

CVE-2025-20226

In Splunk Enterprise versions below 9.4.1, 9.3.3, 9.2.5, and 9.1.8 and Splunk Cloud Platform versions below 9.3.2408.107, 9.2.2406.111, and 9.1.2308.214, a low-privileged user that does not hold the "admin" or "power" Splunk roles could run a saved search with a risky command using the permission...

CVSS 5.7 · AI score 7.3 · EPSS 0.00404
Exploits: 0 · References: 3