EUVD-2024-38961

Malicious code in bioql PyPI...

EUVD-2023-33014

Malicious code in bioql PyPI...

CVE-2025-8061

A potential insufficient access control vulnerability was reported in the Lenovo Dispatcher 3.0 and Dispatcher 3.1 drivers used by some Lenovo consumer notebooks that could allow an authenticated local user to execute code with elevated privileges. The Lenovo Dispatcher 3.2 driver is not affected...

Openmediavault <= 7.4.17 Privilege Escalation Vulnerability.

Openmediavault is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2025-50674

An issue was discovered in the changePassword method in file /usr/share/php/openmediavault/system/user.inc in OpenMediaVault 7.4.17 allowing local authenticated attackers to escalate privileges to root...

CVE-2025-5468

Improper handling of symbolic links in Ivanti Connect Secure before version 22.7R2.8 or 22.8R2, Ivanti Policy Secure before 22.7R1.5, Ivanti ZTA Gateway before 22.8R2.3-723 and Ivanti Neurons for Secure Access before 22.8R1.4 Fix deployed on 02-Aug-2025 allows a local authenticated attacker to re...

CVE-2025-22165

This Medium severity ACE Arbitrary Code Execution vulnerability was introduced in version 4.2.8 of Sourcetree for Mac. This ACE Arbitrary Code Execution vulnerability, with a CVSS Score of 5.9, allows a locally authenticated attacker to execute arbitrary code which has high impact to...

CVE-2024-41750

IBM SmartCloud Analytics - Log Analysis 1.3.7.0, 1.3.7.1, 1.3.7.2, 1.3.8.0, 1.3.8.1, and 1.3.8.2 could allow a local, authenticated attacker to bypass client-side enforcement of security to manipulate data...

CVE-2025-36057

IBM Cognos Analytics Mobile iOS 1.1.0 through 1.1.22 is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application...

CVE-2025-36057

IBM Cognos Analytics Mobile iOS 1.1.0 through 1.1.22 is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application...

CVE-2025-36057 IBM Cognos Analytics Mobile (iOS) authentication bypass

IBM Cognos Analytics Mobile iOS 1.1.0 through 1.1.22 is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application...

CVE-2025-36057

IBM Cognos Analytics Mobile (iOS) versions 1.1.0–1.1.22 contain an authentication bypass due to the use of an unnecessary Local Authentication Framework library, despite biometric authentication not being used in the app. The vulnerability affects the iOS client and is described in multiple sourc...

CVE-2025-36057 IBM Cognos Analytics Mobile (iOS) authentication bypass

IBM Cognos Analytics Mobile iOS 1.1.0 through 1.1.22 is vulnerable to authentication bypass by using the Local Authentication Framework library which is not needed as biometric authentication is not used in the application...

CVE-2025-41459

CVE-2025-41459 affects Two App Studio Journey 5.5.6 on iOS. The local authentication component has insufficient brute-force protection and is vulnerable to runtime manipulation, allowing local attackers to bypass biometric and PIN controls via repeated PIN attempts or dynamic code injection. CVSS...

PT-2025-30322 · Ibm · Ibm Cognos Analytics Mobile

Name of the Vulnerable Software and Affected Versions: IBM Cognos Analytics Mobile iOS versions 1.1.0 through 1.1.22 Description: The application uses the Local Authentication Framework library despite not utilizing biometric authentication. This results in an authentication bypass...

Two App Studio Journey 安全漏洞

Two App Studio Journey is a cross-platform digital journaling application from Two App Studio Singapore. A security vulnerability exists in Two App Studio Journey version 5.5.6, which stems from insufficient protection of the local authentication component and could result in biometric and PIN...

PT-2025-30260 · Unknown · Two App Studio Journey

Name of the Vulnerable Software and Affected Versions: Two App Studio Journey version 5.5.6 Description: The local authentication component has insufficient protection against brute-force attacks and runtime manipulation on iOS. This allows local attackers to bypass biometric and PIN-based access...

CVE-2025-5463

Insertion of sensitive information into a log file in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a local authenticated attacker to obtain that information...

PT-2025-25774

Name of the Vulnerable Software and Affected Versions Linux PAM pam-config affected versions not specified Description A Local Privilege Escalation LPE flaw exists in pam-config within Linux Pluggable Authentication Modules PAM. This issue allows an unprivileged local attacker, such as one...

CVE-2024-31870

IBM Db2 for i 7.2, 7.3, 7.4, and 7.5 supplies user defined table function is vulnerable to user enumeration by a local authenticated attacker, without having authority to the related USRPRF objects. This can be used by a malicious actor to gather information about users that can be targeted in...