
12 matches found

GitHub Security Blog
added 2026/05/21 8:28 p.m. | 7 views

SpiceDB: Caveat structures with nested lists can result in improper cache reuse

Impact: Users are impacted if:
- They have a caveat structure with a nested list, e.g.: zed caveat shapex list x == "a", "b"
- Their system exercises that caveat with either CheckBulkPermission or else LookupResources running with the --experimental-lookup-resources-version flag set to lr3, implyi...

2.3 CVSS | 5.8 AI score | 0.00276 EPSS
Exploits 0 | References 5 | Affected Software 1
CNNVD
added 2025/01/17 12:0 a.m. | 2 views

WeGIA Security Vulnerability

WeGIA is a web manager for welfare organizations by the individual developer Nilson Lazarin. A security vulnerability exists in WeGIA versions prior to 3.2.0 that stems from vulnerability to a false access control attack in control/control.php...

9.8 CVSS | 6.5 AI score | 0.00624 EPSS
Exploits 1 | References 3
CNNVD
added 2025/01/08 12:0 a.m. | 3 views

SourceCodester Computer Laboratory Management System Security Vulnerability

SourceCodester Computer Laboratory Management System is a SourceCodester open source computer laboratory management system. A security vulnerability exists in SourceCodester Computer Laboratory Management System version 1.0, which originates from an attack that makes it vulnerable to false access...

8.8 CVSS | 6.6 AI score | 0.00495 EPSS
Exploits 0 | References 3
CNNVD
added 2025/01/06 12:0 a.m. | 3 views

SeaCMS Security Vulnerability

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 13.1, which stems from vulnerability to false access control attacks, leading to a log...

9.1 CVSS | 6.8 AI score | 0.00869 EPSS
Exploits 1 | References 2
CNNVD
added 2025/01/06 12:0 a.m. | 2 views

SeaCMS Security Vulnerability

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 13.1, which stems from vulnerability to a false access control attack, leading to a...

9.1 CVSS | 6.7 AI score | 0.00908 EPSS
Exploits 1 | References 2
CNNVD
added 2024/11/27 12:0 a.m. | 2 views

OpenVidReview Security Vulnerability

OpenVidReview is a collaborative video review and annotation tool by the individual developer davidguva. A security vulnerability exists in version 1.0 of OpenVidReview, which stems from the /upload route being accessible without authentication, making it vulnerable to false access control attack...

9.8 CVSS | 6.7 AI score | 0.0076 EPSS
Exploits 0 | References 1
CNNVD
added 2024/10/25 12:0 a.m. | 3 views

wtcms Security Vulnerability

wtcms is a ThinkPHP-based content management system (CMS) by Taosir Personal Developer. A security vulnerability exists in version 1.0 of wtcms, which stems from vulnerability to a false access control attack in the file CommonControllerHomebaseController.class.php...

9.8 CVSS | 6.7 AI score | 0.00446 EPSS
Exploits 1 | References 1
CNNVD
added 2024/10/03 12:0 a.m. | 2 views

Bandisoft BandiView Security Vulnerability

Bandisoft BandiView is an image viewer and editor software from the Korean company Bandisoft. A security vulnerability exists in Bandisoft BandiView version 7.05, which stems from the vulnerability of carefully crafted POC files in sub0x3d80fc to false access control attacks...

6.5 CVSS | 6.8 AI score | 0.00417 EPSS
Exploits 1 | References 2
CNNVD
added 2024/09/30 12:0 a.m. | 2 views

Online Medicine Ordering System Security Vulnerability

Online Medicine Ordering System is an online medicine ordering system by Carlo Montero, an individual developer. A security vulnerability exists in Online Medicine Ordering System version 1.0, which stems from a lack of authorization checking for administrator actions, and makes it susceptible to...

9.8 CVSS | 6.6 AI score | 0.00409 EPSS
Exploits 0 | References 2
CNNVD
added 2023/09/19 12:0 a.m. | 3 views

Fujitsu Arconte Áurea License Issue Vulnerability

Fujitsu Arconte Áurea is a view recording system from Fujitsu Japan. A security vulnerability exists in Fujitsu Arconte Áurea versions prior to 1.5.0.0. An attacker could exploit the vulnerability to issue a false access request to block every legitimate account and cause a denial of service...

8.2 CVSS | 6.5 AI score | 0.00416 EPSS
Exploits 0 | References 2
CNNVD
added 2022/03/04 12:0 a.m. | 3 views

D-Link DIR850 ET850-1.08TRb03 Security Vulnerability

The D-Link DIR850 ET850-1.08TRb03 is a router from AUO D-Link of Taiwan, China. A security vulnerability exists in the D-Link DIR850 ET850-1.08TRb03 that stems from DLink DIR850 ET850-1.08TRb03 is affected by a False Access Control Vulnerability via unauthenticated remote configuration download...

7.5 CVSS | 7.3 AI score | 0.31863 EPSS
Exploits 4 | References 6
CNNVD
added 2022/02/14 12:0 a.m. | 2 views

AntD Admin Access Control Error Vulnerability

AntD Admin is an excellent front-end solution for enterprise applications built on Ant Design and UmiJs by Zuiidea individual developers. A security vulnerability exists in AntD Admin, which originates from Antd-admin 5.5.0 is affected by a False Access Control vulnerability. An attacker can...

7.5 CVSS | 7.4 AI score | 0.04418 EPSS
Exploits 1 | References 2