18 matches found

EUVD
added 2026/05/11 7:51 p.m. · 5 views

EUVD-2026-29206

Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in the URL path, but fetches downloadable items solely by attacker-provided IDs without constraining...

CVSS 6.5 · AI score 5.8 · EPSS 0.00032
Exploits 0 · References 1
EUVD
added 2026/05/04 6:26 p.m. · 5 views

EUVD-2026-27093

n8n is an open source workflow automation platform. Prior to versions 1.123.33 and 2.17.5, the dynamic-node-parameters endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An authenticated user with access to a shared workflow could supp...

CVSS 7.1 · AI score 5.9 · EPSS 0.00064
Exploits 0 · References 1
RedhatCVE
added 2026/04/13 7:23 p.m. · 1 view

CVE-2026-40153

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, the executecommand function in shelltools.py calls os.path.expandvars on every command argument at line 64, manually re-implementing shell-level environment variable expansion despite using shell=False line 88 for security. This...

CVSS 7.4 · AI score 5.8 · EPSS 0.00049
Exploits 1 · References 1
RedhatCVE
added 2026/04/09 1:23 a.m. · 2 views

CVE-2026-39370

WWBN AVideo is an open source video platform. In versions 26.0 and prior, objects/aVideoEncoder.json.php still allows attacker-controlled downloadURL values with common media or archive extensions such as .mp4, .mp3, .zip, .jpg, .png, .gif, and .webm to bypass SSRF validation. The server then...

CVSS 7.1 · AI score 5.9 · EPSS 0.00036
Exploits 0 · References 1
RedhatCVE
added 2025/12/01 2:16 p.m. · 2 views

CVE-2025-66372

Mustang before 2.16.3 allows exfiltrating files via XXE attacks...

CVSS 2.8 · AI score 7 · EPSS 0.00011
Exploits 0 · References 1
EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2023-2895

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 4.8 · EPSS 0.00233
Exploits 0 · References 5
NVD
added 2025/05/30 4:15 p.m. · 5 views

CVE-2024-13916

An application "com.pri.applock", which is pre-loaded on Kruger&Matz smartphones, allows a user to encrypt any application using a user-provided PIN code or by using biometric data. The exposed "com.android.providers.settings.fingerprint.PriFpShareProvider" content provider's public method query allows...

CVSS 6.9 · EPSS 0.00116
Exploits 0 · References 1
Vulnrichment
added 2024/08/13 4:52 p.m. · 16 views

CVE-2023-20518

Incomplete cleanup in the ASP may expose the Master Encryption Key MEK to a privileged attacker with access to the BIOS menu or UEFI shell and a memory exfiltration vulnerability, potentially resulting in loss of confidentiality...

CVSS 1.9 · AI score 6.7 · EPSS 0.00052
Exploits 0 · References 2
CVE
added 2024/08/13 4:52 p.m. · 54 views

CVE-2023-20518

CVE-2023-20518 describes an incomplete cleanup in the AMD Secure Processor (ASP) that could expose the Master Encryption Key (MEK) to a privileged attacker with BIOS/UEFI access, leading to potential confidentiality loss. The vulnerability spans ASP, SEV, and SEV-SNP related firmware; exploitatio...

CVSS 1.9 · AI score 7 · EPSS 0.00052
Exploits 0 · References 2
OSV
added 2023/11/07 9:46 p.m. · 38 views

GHSA-6758-979H-249X capsule-proxy service discloses Namespaces of colliding tenants to owners of different tenants with the same ServiceAccount name

Summary: A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name.
Details:
- Tenant solar, owned by a ServiceAccount named tenant-owner in the Namespace solar
- Tenant wind, owne...

CVSS 4.3 · AI score 4.6 · EPSS 0.00233
Exploits 0 · References 5
Github Security Blog
added 2023/11/07 9:46 p.m. · 38 views

capsule-proxy service discloses Namespaces of colliding tenants to owners of different tenants with the same ServiceAccount name

Summary: A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name.
Details:
- Tenant solar, owned by a ServiceAccount named tenant-owner in the Namespace solar
- Tenant wind, owne...

CVSS 4.3 · AI score 7.1 · EPSS 0.00233
Exploits 0 · References 5 · Affected Software 2
NVD
added 2023/11/06 7:15 p.m. · 9 views

CVE-2023-46254

capsule-proxy is a reverse proxy for the Capsule Kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by capsule-proxy gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example, consider two tenants solar...

CVSS 4.3 · AI score 4.7 · EPSS 0.00233
Exploits 0 · References 2
Positive Technologies
added 2022/08/05 12:00 a.m. · 2 views

PT-2022-17020 · Gitlab · Gitlab Ce/Ee +1

Name of the Vulnerable Software and Affected Versions:
- GitLab CE/EE versions 12.6 through 15.0.4
- GitLab CE/EE versions 15.1 through 15.1.3
- GitLab CE/EE versions 15.2 through 15.2.0
Description: An issue has been discovered in GitLab CE/EE where a malicious developer could exfiltrate an...

CVSS 8.5 · AI score 6.5 · EPSS 0.0159
Exploits 0 · References 11
Cvelist
added 2022/04/14 3:50 p.m. · 17 views

CVE-2022-22190 Paragon Active Assurance Control Center: Information disclosure vulnerability in crafted URL

An Improper Access Control vulnerability in the Juniper Networks Paragon Active Assurance Control Center allows an unauthenticated attacker to leverage a crafted URL to generate PDF reports, potentially containing sensitive configuration information. A feature was introduced in version 3.1 of the...

CVSS 7.4 · AI score 7.7 · EPSS 0.00996
Exploits 0 · References 1
OSV
added 2021/05/11 6:00 p.m. · 1 view

UBUNTU-CVE-2020-26146

An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WPA, WPA2, and WPA3 implementations reassemble fragments with non-consecutive packet numbers. An adversary can abuse this to exfiltrate selected fragments. This vulnerability is exploitable when another device sends fragmented...

CVSS 5.3 · AI score 6.7 · EPSS 0.00359
Exploits 0 · References 4
OSV
added 2020/05/13 2:23 p.m. · 10 views

SUSE-SU-2020:1273-1 Security update for grafana

This update for grafana to version 4.6.5 fixes the following issues:
Security issues fixed:
- CVE-2019-15043: Added authentication to a few rest endpoints jscSOC-10357, bsc1148383.
- CVE-2018-19039: Fixed File Exfiltration vulnerability jscSOC-9976 bsc1115960.
- CVE-2018-15727: Fixed an LDAP and...

CVSS 9.8 · AI score 7 · EPSS 0.90928
Exploits 4 · References 13
Tenable Nessus
added 2018/07/26 12:00 a.m. · 35 views

Scientific Linux Security Update : thunderbird on SL7.x x86_64 (20180725)

This update upgrades Thunderbird to version 52.9.1.
Security Fixes:
- Mozilla: Memory safety bugs fixed in Firefox 61, Firefox ESR 60.1, and Firefox ESR 52.9 (CVE-2018-5188)
- Mozilla: Buffer overflow using computed size of canvas element (CVE-2018-12359)
- Mozilla: Use-after-free using focus...

CVSS 9.8 · AI score 7.3 · EPSS 0.04919
Exploits 0 · References 12
NVD
added 2018/03/13 3:29 p.m. · 8 views

CVE-2018-1000072

iRedMail versions prior to commit f04b8ef contain an Insecure Permissions vulnerability in Roundcube Webmail that can result in exfiltration of a user's password-protected secret GPG key file and other important configuration files. This attack appears to be exploitable via network connectivity. This...

CVSS 7.5 · AI score 7.7 · EPSS 0.00281
Exploits 1 · References 2