12 matches found
CVE-2025-67926
Missing Authorization vulnerability in Shahjahan Jewel Fluent Support fluent-support allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Fluent Support: from n/a through <= 1.10.4...
CVE-2025-62092
Missing Authorization vulnerability in Wiremo Wiremo woo-reviews-by-wiremo allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Wiremo: from n/a through <= 1.4.99...
PT-2025-54379
Missing Authorization vulnerability in Strategy11 Team Tasty Recipes Lite allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Tasty Recipes Lite: from n/a through 1.1.5...
CVE-2025-54741
Missing Authorization vulnerability in Tyler Moore Super Blank super-blank allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Super Blank: from n/a through <= 1.2.0...
EUVD-2025-23550
Malicious code in bioql PyPI...
CVE-2025-51387
GitKraken Desktop 10.8.0 and 11.1.0 are susceptible to code injection due to misconfigured Electron Fuses. Specifically, the following insecure settings were observed: RunAsNode is enabled and EnableNodeCliInspectArguments is not disabled. These configurations allow the application to be...
CVE-2025-1385 Fail input validation in clickhouse-library-bridge API could lead to RCE under specific configuration
When the library bridge feature is enabled, the clickhouse-library-bridge exposes an HTTP API on localhost. This allows clickhouse-server to dynamically load a library from a specified path and execute it in an isolated process. Combined with the ClickHouse table engine functionality that permits...
SAP Fiori Security Vulnerability
SAP Fiori, a user experience (UX) design system for SAP applications from SAP, Germany, provides designers and developers with a set of tools and guidelines to quickly develop applications for any platform, providing a consistent, innovative experience for creators and users. A security vulnerabili...
CVE-2024-55923
CVE-2024-55923 describes a CSRF flaw in the TYPO3 backend deep-link functionality within the Indexed Search Module. The vulnerability can enable an attacker to delete items in the module when a logged-in backend user is tricked into visiting a malicious URL, under misconfigurations where the bac...
Input Validation Error Vulnerability in Multiple NETGEAR Products (CNVD-2021-46351)
NETGEAR D7800 and others are products of NETGEAR Corporation. NETGEAR D7800 is a wireless modem. NETGEAR D6100 is a wireless modem. NETGEAR WNDR4300 is a wireless router. A security vulnerability exists in multiple NETGEAR products that stems from a...
Misconfigured Google Groups Settings Leaking Sensitive Data
By Uzair Amir. Kenna Security in collaboration with KrebsOnSecurity has identified the presence... This is a post from HackRead.com.
U.S. Dept Of Defense: Misconfigured user account settings on DoD website
A Department of Defense website was misconfigured in a manner that may have allowed a malicious user to reset or steal login credentials of legitimate users. @mantis was able to demonstrate this vulnerability by testing the user account application of the website. Thanks @mantis!...