50 matches found
CVE-2023-45382
In the module "SoNice Retour" soniceretour up to version 2.1.0 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction, a gues...
CVE-2023-45383
In the module "SoNice etiquetage" soniceetiquetage up to version 2.5.9 from Common-Services for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in the path name construction...
CVE-2024-34991
In the module "Axepta" axepta before 1.3.4 from Quadra Informatique for PrestaShop, a guest can download partial credit card information expiry date / postal address / email / etc. without restriction due to a lack of permissions control...
PT-2026-2200
Name of the Vulnerable Software and Affected Versions: versions prior to 2026-22536. Description: The lack of permissions control for the user XXX in the sudoers file allows for privilege escalation without restrictions. Recommendations: At the moment, there is no information about a newer version th...
CVE-2025-13326
Mattermost Desktop App versions 6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder...
Huawei HarmonyOS security vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in the Huawei HarmonyOS file management module, which can be exploited by an attacker to compromise service...
Huawei HarmonyOS security vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A privilege control vulnerability exists in Huawei HarmonyOS, which stems from improper privilege control of the memory management module and can be exploite...
ROS-20251110-03
Vulnerability in Google Chrome browser is related to insufficient input data validation when processing DOM elements. Exploitation of the vulnerability allows a remote attacker to launch a spoofing attack or cause a denial of service. Vulnerability in...
EUVD-2020-29340
Malware in sbrugna...
EUVD-2023-49672
Malicious code in bioql PyPI...
EUVD-2023-49674
Malicious code in bioql PyPI...
EUVD-2023-49675
Malicious code in bioql PyPI...
EUVD-2023-50574
Malicious code in bioql PyPI...
CVE-2023-47712
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527...
CVE-2023-46346
In the module "Product Catalog CSV, Excel, XML Export PRO" exportproducts in versions up to 4.1.1 from MyPrestaModules for PrestaShop, a guest can download personal information without restriction by performing a path traversal attack. Due to a lack of permissions control and a lack of control in...
CVE-2023-47458
An issue in SpringBlade v.3.7.0 and before allows a remote attacker to escalate privileges via the lack of permissions control framework...
CVE-2024-34991
The CVE-2024-34991 entry concerns the Axepta module for PrestaShop by Quadra Informatique, affected up to version 1.3.3. The vulnerability arises from insufficient permissions control, allowing an unauthenticated guest to download sensitive data (partial credit card information such as expiry dat...
CVE-2024-36682
In the module "Theme settings" pkthemesettings = 1.8.8 from Promokit.eu for PrestaShop, a guest can download all email collected while SHOP is in maintenance mode. Due to a lack of permissions control, a guest can access the txt file which collects email when maintenance is enabled, which can lead t...
CVE-2023-47712 IBM Security Guardium privilege escalation
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a local user to gain elevated privileges on the system due to improper permissions control. IBM X-Force ID: 271527...