EUVD-2026-20954

Lychee is a free, open-source photo-management tool. Prior to 7.5.4, a SQL operator-precedence bug in SharingController::listAll causes the orWhereNotNull'usergroupid' clause to escape the ownership filter applied by the when block. Any authenticated non-admin user with upload permission who owns...

EUVD-2021-12400

Malware in sbrugna...

EUVD-2020-29643

Malware in sbrugna...

EUVD-2024-45930

Malicious code in bioql PyPI...

EUVD-2022-39565

Malicious code in bioql PyPI...

EUVD-2022-42322

Malicious code in bioql PyPI...

CVE-2022-36865

Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to access device information...

CVE-2022-36866

Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...

CVE-2021-25504

Intent redirection vulnerability in Group Sharing prior to 10.8.03.2 allows attacker to access contact information...

CVE-2020-8795

In GitLab Enterprise Edition EE 12.5.0 through 12.7.5, sharing a group with a group could grant project access to unauthorized users...

SUSE CVE-2024-42325

Zabbix API user.get returns all users that share common group with the calling user. This includes media and other information, such as login attempts, etc...

CVE-2024-42325

Zabbix API user.get returns all users that share common group with the calling user. This includes media and other information, such as login attempts, etc...

Nextcloud 安全漏洞

Nextcloud is an open source suite of self-hosted file synchronization and sharing communication application platform from Nextcloud, Germany. A security vulnerability exists in Nextcloud that stems from the fact that when the server is configured to allow sharing only with users in their own grou...

BIT-GITLAB-2020-8795

In GitLab Enterprise Edition EE 12.5.0 through 12.7.5, sharing a group with a group could grant project access to unauthorized users...

CVE-2022-39877

Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...

Improper access control

Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...

CVE-2022-39877

CVE-2022-39877: Affected is Samsung Group Sharing’s ProfileSharingAccount. The root cause is improper access control in ProfileSharingAccount in Group Sharing, affecting Android S (12) prior to 13.0.6.15 and Android R (11) prior to 13.0.6.14 (and below). The vulnerability allows an attacker to id...

SAMSUNG Mobile devices 安全漏洞

SAMSUNG Mobile devices is a series of Samsung mobile devices, including cell phones, tablets, etc. SAMSUNG Mobile devices Android S12 before 13.0.6.15, Android R11 13.0.6.14 has an access control error vulnerability, which originates from the existence of access control in ProfileSharingAccount i...

CVE-2022-39877

Improper access control vulnerability in ProfileSharingAccount in Group Sharing prior to versions 13.0.6.15 in Android S12, 13.0.6.14 in Android R11 and below allows attackers to identify the device...

PT-2022-25069 · Unknown · Group Sharing

Name of the Vulnerable Software and Affected Versions: Group Sharing versions prior to 13.0.6.15 Description: The issue is related to improper access control in ProfileSharingAccount within Group Sharing, allowing attackers to identify the device. This can occur in Android versions S12 and below,...