3 matches found
CVE-2026-45776 Open XDMoD has Broken Access Control via Client-Controlled Session Variable
OpenXDMoD is an open framework for collecting and analyzing HPC metrics. Prior to version 11.0.3, a flaw in Open XDMoD's access control logic allows an attacker to submit a crafted HTTPS POST request that sets a session variable used for authorization decisions. If an installation of Open XDMoD...
CVE-2025-52448
Authorization Bypass Through User-Controlled Key vulnerability in Salesforce Tableau Server on Windows, Linux validate-initial-sql api modules allows Interface Manipulation data access to the production database cluster. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before...
IBM API Connect Access Control Error Vulnerability (CNVD-2021-01274)
IBM API Connect APIConnect is a suite of integrated solutions for managing the API lifecycle from IBM USA. The product supports creating, running, managing, and securing APIs, microservices, and more. An Access Control Error vulnerability exists in IBM API Connect, which can be exploited by an...