CVE-2026-41327
Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, a vulnerability has been found in Dgraph that gives an unauthenticated attacker full read access to every piece of data in the database. This affects Dgraph's default configuration where ACL is not enabled. The attack is a...
PT-2026-34231
Name of the Vulnerable Software and Affected Versions MinIO versions RELEASE.2023-05-18T00-05-36Z through RELEASE.2026-04-11T03-20-12Z Description An authentication bypass exists in the Snowball auto-extract handler PutObjectExtractHandler. This issue allows a user with a valid access key to writ...
CVE-2025-68803
In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named principal during file creation retrieves the ACL afterwards, and finds that it is only a default ACL based on the mode bits and not the...
Linux Distros Unpatched Vulnerability : CVE-2025-68803
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: NFSD: NFSv4 file creation neglects setting ACL An NFSv4 client that sets an ACL with a named...
JLSEC-2025-154 The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_f...
The keyfile settings backend in GNOME GLib (aka glib2.0) before 2.60.0 creates directories using g_file_make_directory_with_parents (kfsb->dir, NULL, NULL) and files using g_file_replace_contents (kfsb->file, contents, length, NULL, FALSE, G_FILE_CREATE_REPLACE_DESTINATION, NULL, NULL, NULL). Consequently, it does n...
EUVD-2017-1644
Malware in sbrugna...
EUVD-2023-27008
Malicious code in bioql PyPI...
CVE-2025-44178
DASAN GPON ONU H660WM H660WMR210825 is susceptible to improper access control under its default settings. Attackers can exploit this vulnerability to gain unauthorized access to sensitive information and modify its configuration via the UPnP protocol on the WAN side without any authentication...
DASAN H660WM Security Vulnerability
DASAN H660WM is an optical network terminal from DASAN, Korea. A security vulnerability exists in the DASAN H660WM H660WMR210825, which stems from improper access control under default settings, and could lead to unauthorized access to sensitive information and configuration modifications...
Linux Distros Unpatched Vulnerability : CVE-2025-22070
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories,...
NetScaler-13.1-How to implement authorization policy for Oauth user groups
In an OAuth response, the user groups can be carried in a customized field. However, we can't relate the group string to the group attribute of the user. The question is how to apply an authorization policy for OAuth user groups. In this example, the default authorization...
CVE-2023-0439
The NEX-Forms WordPress plugin before 8.4.4 does not escape its form name, which could lead to Stored Cross-Site Scripting issues. By default only SuperAdmins in multisite / admins in single site can create forms, however there is a setting allowing them to give lower roles access to such featur...
AZL-61700 CVE-2025-22070 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx parentdir then creating a...
CVE-2025-22070 fs/9p: fix NULL pointer dereference on mkdir
In the Linux kernel, the following vulnerability has been resolved: fs/9p: fix NULL pointer dereference on mkdir When a 9p tree was mounted with option 'posixacl', parent directory had a default ACL set for its subdirectories, e.g.: setfacl -m default:group:simpsons:rwx parentdir then creating a...
The vulnerability of the Intel Integrated Sensor Hub driver for NUC M15 laptops allows a hacker to gain elevated privileges.
The vulnerability of the Intel Integrated Sensor Hub driver for NUC M15 laptops is related to the default access settings. Exploiting this vulnerability can allow attackers to gain elevated privileges...
The vulnerability of Intel Microcode processors lies in the default access settings, which allow attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of Intel Microcode processors relates to the default access rights settings. Exploiting this vulnerability allows attackers to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of the AudacityApp.cpp component of the audio editing software Audacity, related to default access settings, allows a hacker to gain access to confidential data.
The vulnerability of the AudacityApp.cpp component of the audio editing software Audacity is related to the default access settings. Exploiting this vulnerability could allow an attacker to gain access to confidential data...
The vulnerability of the web interface of microprogramming software for devices for remote control of lighting and energy consumption in Schneider Electric Sage. This allows a perpetrator to upload arbitrary files and embedded software.
The vulnerability of the web interface of microprogramming software for devices for remote control of lighting and energy consumption in Schneider Electric Sage is related to the default access settings. Exploiting this vulnerability allows a malicious actor to upload arbitrary files and embedded...
The vulnerability of the Intel Integrated Sensor Hub driver in the microprogramming software for NUC P14E Laptop Element allows a hacker to gain elevated privileges.
The vulnerability of the Intel Integrated Sensor Hub driver for NUC P14E Laptop Element notebooks is related to the default access settings. Exploiting this vulnerability can allow attackers to gain elevated privileges...
The vulnerability of the application server for managing Hitachi Tuning Manager storage resources allows a hacker to read and write arbitrary files.
The vulnerability of the Hitachi Tuning Manager application server for managing data storage resources is related to the default access rights settings. Exploiting this vulnerability could allow attackers to read and write certain files...