EUVD-2026-31460

Improper access control in the entry activity log feature in Devolutions Server allows an authenticated user with access to an entry but without the required permission to retrieve that entry's activity logs via a crafted API request. This issue affects : Devolutions Server 2026.1.6.0 through...

CVE-2022-34534

Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call...

UBUNTU-CVE-2024-28397

An issue in the component js2py.disablepyimport of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call...

PT-2023-24868 · Lenovo · Lenovo Xclarity Administrator

Name of the Vulnerable Software and Affected Versions: Lenovo XClarity Administrator LXCA affected versions not specified Description: The issue allows a valid, authenticated LXCA user with elevated privileges to potentially replace filesystem data through a specifically crafted web API call due ...

CVE-2022-34534

Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call...

MongoDB Ops Manager Authorization Issues Vulnerability

MongoDB Ops Manager is a solution from MongoDB, Inc. that supports the management, monitoring, and backup of MongoDB deployments. An authorization issue vulnerability exists in MongoDB Ops Manager that stems from a specially designed API call that could allow an authenticated user holding...