50 matches found
Huawei HarmonyOS Race Condition Vulnerability
Huawei HarmonyOS is an operating system developed by Chinese company Huawei. It is a full-scenario distributed operating system based on a microkernel architecture. Huawei HarmonyOS has a vulnerability related to permission control, which may affect its usability due to issues with permissions...
[SECURITY] Fedora 44 Update: flatpak-kcm-6.6.4-1.fc44
Flatpak Permissions Management KCM...
EUVD-2019-6438
Malware in sbrugna...
EUVD-2006-5714
Malware in sbrugna...
EUVD-2020-30054
Malware in sbrugna...
EUVD-2025-18298
Malicious code in bioql PyPI...
EUVD-2024-33146
Malicious code in bioql PyPI...
EUVD-2025-12408
Malicious code in bioql PyPI...
EUVD-2024-1709
Malicious code in bioql PyPI...
EUVD-2022-0503
Malicious code in bioql PyPI...
CVE-2020-9225
FusionSphere OpenStack 6.5.1 has an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Successful exploit could allow certain user to do certain operations beyond its privilege...
CVE-2025-2842 Tempo-operator: tempo operator token exposition lead to read sensitive data
A flaw was found in the Tempo Operator. When the Jaeger UI Monitor Tab functionality is enabled in a Tempo instance managed by the Tempo Operator, the Operator creates a ClusterRoleBinding for the Service Account of the Tempo instance to grant the cluster-monitoring-view ClusterRole. This can be...
CVE-2024-27101
SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Integer overflow in chunking helper causes dispatching to miss elements or panic. Any SpiceDB cluster with any schema where a resource being checked has more than 6553...
CVE-2025-24401
Jenkins Folder-based Authorization Strategy Plugin 217.vd5b18537403e and earlier does not verify that permissions configured to be granted are enabled, potentially allowing users formerly granted typically optional permissions, like Overall/Manage to access functionality they're no longer entitle...
Mysiteforme Security Vulnerability
Mysiteforme is a permissions management system from the individual developer wangl1989. A security vulnerability exists in Mysiteforme versions prior to 2025.01.01: the component /file/download contains a server-side request forgery vulnerability...
CVE-2024-54149
Winter is a free, open-source content management system (CMS) based on the Laravel PHP framework. Winter CMS prior to versions 1.2.7, 1.1.11, and 1.0.476 allows users with access to the CMS templates sections that modify Twig files to bypass the sandbox placed on Twig files and modify resources such...
PT-2024-40027 · Silverstripe · Silverstripe Cms
Name of the Vulnerable Software and Affected Versions: Silverstripe CMS (affected versions not specified). Description: The issue concerns insufficient CSRF protection in GridField, which can be exploited to trick users with CMS access into posting unspecified data from external websites. This affec...
The Ultimate SaaS Security Posture Management Checklist, 2025 Edition
Since the first edition of The Ultimate SaaS Security Posture Management (SSPM) Checklist was released three years ago, the corporate SaaS sprawl has been growing at a double-digit pace. In large enterprises, the number of SaaS applications in use today is in the hundreds, spread across departmenta...
PT-2023-29097 · Huawei · Emui +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue concerns the improper management of permissions to access device serial numbers (SNs), which could impact service confidentiality upon successfu...
Expanding horizons—Microsoft Security’s continued commitment to multicloud
Multicloud strategies have become the new norm for most enterprises, with more than 90 percent of organizations adopting multiple cloud infrastructures, platforms, and services to run their businesses. However, a lack of visibility into their digital infrastructure exposes them to significant...