129 matches found
GHSA-4J59-VV55-Q6H3 Salt's salt.auth.pki module does not properly authenticate callers
The salt.auth.pki module does not properly authenticate callers. The "password" field contains a public certificate which is validated against a CA certificate by the module. This is not pki authentication, as the caller does not need access to the corresponding private key for the authentication...
CVE-2025-22237 CVE-2025-22237 salt advisory
An attacker with access to a minion key can exploit the 'on demand' pillar functionality with a specially crafted git url which could cause and arbitrary command to be run on the master with the same privileges as the master process...
CVE-2025-47849
A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can get the API key and secret key of user-accounts of Admin role type in the same domain. This operation is not appropriately restricted and...
CVE-2025-47849 Apache CloudStack: Insecure access of user's API/Secret Keys in the same domain
A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can get the API key and secret key of user-accounts of Admin role type in the same domain. This operation is not appropriately restricted and...
CVE-2024-51493
OctoPrint provides a web interface for controlling consumer 3D printers. OctoPrint versions up until and including 1.10.2 contain a vulnerability that allows an attacker that has gained temporary control over an authenticated victim's OctoPrint browser session to retrieve/recreate/delete the user...
CVE-2024-10092
The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxhandleapikeyactions function in all versions up to, and including, 5.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and...
CVE-2020-13963
SOPlanning before 1.47 has Incorrect Access Control because certain secret key information, and the related authentication algorithm, is public. The key for admin is hardcoded in the installation code, and there is no key for publicsp which is a guest account...
CVE-2025-2894
The Go1 also known as "The World's First Intelligence Bionic Quadruped Robot Companion of Consumer Level," contains an undocumented backdoor that can enable the manufacturer, and anyone in possession of the correct API key, complete remote control over the affected robotic device using the...
CVE-2025-2894
The Go1 also known as "The World's First Intelligence Bionic Quadruped Robot Companion of Consumer Level," contains an undocumented backdoor that can enable the manufacturer, and anyone in possession of the correct API key, complete remote control over the affected robotic device using the...
GHSA-46MP-8W32-6G94 Kyverno ignores subjectRegExp and IssuerRegExp
Summary Kyverno ignores subjectRegExp and IssuerRegExp while verifying artifact's sign with keyless mode. It allows the attacker to deploy kubernetes resources with the artifacts that were signed by unexpected certificate. Details Kyverno checks only subject and issuer fields when verifying an...
OESA-2025-1170 etcd security update
%expand: Security Fixes: Authentication vulnerability found in Etcd-io v.3.4.10 allows remote attackers to escalate privileges via the debug function.CVE-2021-28235 Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory.CVE-2022-3064 Etcd v3.5.4 allows remote...
PT-2025-6202 · Siemens · Simatic Ipc Diagmonitor +1
Name of the Vulnerable Software and Affected Versions: SIMATIC IPC DiagBase All versions SIMATIC IPC DiagMonitor All versions Description: A vulnerability has been identified where the affected devices do not properly restrict user permissions for the registry key. This could allow an authenticat...
CVE-2025-20886
CVE-2025-20886 concerns Samsung Mobile devices where the issue resides in the softsim trustlet due to sensitive information being included in test code prior to the SMR January 2025 Release 1. The documented impact is that local privileged attackers can obtain the test key. Public technical detai...
PT-2024-34657 · Octoprint · Octoprint
Name of the Vulnerable Software and Affected Versions: OctoPrint versions up to and including 1.10.2 Description: OctoPrint provides a web interface for controlling consumer 3D printers. The issue allows an attacker that has gained temporary control over an authenticated victim's OctoPrint browse...
CVE-2024-39865
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected application allows users to upload encrypted backup files. As part of this backup, files can be restored without correctly checking the path of the restored file. This could allow an attacker...
PT-2024-4827 · Jetbrains · Teamcity
Name of the Vulnerable Software and Affected Versions: JetBrains TeamCity versions prior to 2024.03.3 Description: The issue is related to insufficient protection of registration data in the continuous integration and delivery CI/CD system, allowing a remote attacker to gain unauthorized access t...
UBUNTU-CVE-2024-5469
DoS in KAS in GitLab CE/EE affecting all versions from 16.10.0 prior to 16.10.6 and 16.11.0 prior to 16.11.3 allows an attacker to crash KAS via crafted gRPC requests...
CVE-2024-4844
Hardcoded credentials vulnerability in Trellix ePolicy Orchestrator ePO on Premise prior to 5.10 Service Pack 1 Update 2 allows an attacker with admin privileges on the ePO server to read the contents of the orion.keystore file, allowing them to access the ePO database encryption key. This was...
DELL ECS Connection Manager 安全漏洞
DELL ECS Connection Manager is a software from Dell USA for managing enterprise cloud storage. A security vulnerability exists in DELL ECS Connection Manager that originates from allowing an unauthenticated attacker to access computers on the same network in an HA or cluster group via an IP...
CVE-2024-29957
When Brocade SANnav before v2.3.1 and v2.3.0a servers are configured in Disaster Recovery mode, the encryption key is stored in the DR log files. This could provide attackers with an additional, less-protected path to acquiring the encryption key...