61 matches found
CVE-2026-2994
Concrete CMS below version 9.4.8 is subject to CSRF by a Rogue Administrator using the Anti-Spam Allowlist Group Configuration via groupid parameter which can leads to a security bypass since changes are saved prior to checking the CSRF token. The Concrete CMS security team gave this vulnerabilit...
CVE-2026-2994 Concrete CMS below 9.4.8 is vulnerable to CSRF by a Rogue Admin using the Anti-Spam Allowlist Group
Concrete CMS below version 9.4.8 is subject to CSRF by a Rogue Administrator using the Anti-Spam Allowlist Group Configuration via groupid parameter which can leads to a security bypass since changes are saved prior to checking the CSRF token. The Concrete CMS security team gave this vulnerabilit...
CVE-2026-1702
A vulnerability was detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/operation/user.php of the component User Management. Performing a manipulation of the argument groupid results in improper authorization. The attack can be...
EUVD-2026-5010
A vulnerability was detected in SourceCodester Pet Grooming Management Software 1.0. Impacted is an unknown function of the file /admin/operation/user.php of the component User Management. Performing a manipulation of the argument groupid results in improper authorization. The attack can be...
PT-2026-5431
Name of the Vulnerable Software and Affected Versions SourceCodester Pet Grooming Management Software version 1.0 Description A flaw exists in the User Management component of the software, specifically within the file /admin/operation/user.php. Manipulation of the group id argument can lead to...
RDMA/cm: Fix leaking the multicast GID table reference
...
EulerOS 2.0 SP10 : proftpd (EulerOS-SA-2026-1056)
According to the versions of the proftpd package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In ProFTPD through 1.3.8b before cec01cc, supplemental group inheritance grants unintended access to GID 0 because of the lack of supplemental...
CVE-2025-71096 RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Check for the presence of LSNLATYPEDGID correctly The netlink response for RDMANLLSOPIPRESOLVE should always have a LSNLATYPEDGID attribute, it is invalid if it does not. Use the nl parsing logic properly and call...
CVE-2025-71084 RDMA/cm: Fix leaking the multicast GID table reference
In the Linux kernel, the following vulnerability has been resolved: RDMA/cm: Fix leaking the multicast GID table reference If the CM ID is destroyed while the CM event for multicast creating is still queued the cancelworksync will prevent the work from running which also prevents destroying the...
PT-2026-2605
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel’s RDMA/cm component where a reference to the multicast GID table is leaked when a CM ID is destroyed while a multicast creation CM event is still queued...
UBUNTU-CVE-2023-54003
In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when createah fails If AH create request fails, release sgidattr to avoid GID entry referrence leak reported while releasing GID table...
CVE-2025-11748 Groups <= 3.7.0 - Authenticated (Subscriber+) Insecure Direct Object Reference to Arbitrary Group Join
The Groups plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.7.0 via the 'groupid' parameter of the groupjoin function due to missing validation on a user controlled key. This makes it possible for authenticated attackers, with...
PT-2025-45542
Name of the Vulnerable Software and Affected Versions Groups plugin for WordPress versions prior to 6.7.1 Description The Groups plugin for WordPress is susceptible to an Insecure Direct Object Reference issue. This flaw stems from inadequate validation of a user-controlled key, specifically the...
SourceCodester Pet Grooming Management Software SQL注入漏洞
SourceCodester Pet Grooming Management Software is an open source pet grooming management system from SourceCodester. SourceCodester Pet Grooming Management Software version 1.0 suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter groupid in the file...
CVE-2025-59044
CVE-2025-59044 affects Himmelblau 0.9.x, where group-to-GID mapping derives numeric GIDs from Entra ID group displayName when id_attr_map = name. This can cause distinct groups sharing a displayName to collapse to the same GID on Linux, enabling privilege escalation if access is controlled by num...
CVE-2025-59044 Himmelblau vulnerable to GID collision via group name-derived mapping (privilege escalation)
Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. Himmelblau 0.9.x derives numeric GIDs for Entra ID groups from the group display name when himmelblau.conf idattrmap = name the default configuration. Because Microsoft Entra ID allows multiple groups with the same...
Himmelblau 安全漏洞
Himmelblau is an Azure Entra ID authentication module open-sourced by Himmelblau. A security vulnerability exists in Himmelblau versions 0.9.0 to 0.9.22, which stems from the derivation of a numeric GID from a group display name, which could lead to authorization bypass...
PT-2025-36998
Name of the Vulnerable Software and Affected Versions: Himmelblau versions 0.9.0 through 0.9.22 Description: Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. The software derives numeric GIDs for Entra ID groups from the group display name when himmelblau.conf id...
CVE-2025-9461 diyhi bbs File Compression FilePackageManageAction.java information disclosure
A weakness has been identified in diyhi bbs up to 6.8. The impacted element is an unknown function of the file src/main/java/cms/web/action/filePackage/FilePackageManageAction.java of the component File Compression Handler. This manipulation of the argument idGroup causes information disclosure...
Liferay Portal Vulnerable to Insecure Direct Object Reference
Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q1.0 through 2025.Q1.10, 2024.Q4.0 through 2024.Q4.7, 2024.Q3.1 through 2024.Q3.13, 2024.Q2.1 through 2024.Q2.13, 2024.Q1.1 through 2024.Q1.17 and 7.4 GA through update 92 is vulnerable to Insecure Direct Object Reference IDOR in the...