544 matches found
Access Control Bypass
Overview rdiffweb is an A web interface to rdiff-backup repositories. Affected versions of this package are vulnerable to Access Control Bypass via the API authentication process. An attacker can gain unauthorized access to other users' data and perform actions on their behalf by using any valid ...
CVE-2025-67796
IKUS Rdiffweb before 2.10.5 has an improper authorization flaw that allows an attacker with any valid or stolen access token to act as other users. The API does not enforce binding between the authenticated subject and the targeted user/tenant, so crafted requests can read or modify other users...
Rdiffweb 访问控制错误漏洞
Rdiffweb is a web application personally developed by Patrik Dufresne from the United States. It allows for quick access to your files through an efficient web interface. Versions of Rdiffweb prior to 2.10.5 contained a security vulnerability related to access control. This vulnerability stemmed...
EUVD-2025-209635
IKUS Rdiffweb before 2.10.5 has an improper authorization flaw that allows an attacker with any valid or stolen access token to act as other users. The API does not enforce binding between the authenticated subject and the targeted user/tenant, so crafted requests can read or modify other users...
CVE-2025-67796
IKUS Rdiffweb before 2.10.5 has an improper authorization flaw that allows an attacker with any valid or stolen access token to act as other users. The API does not enforce binding between the authenticated subject and the targeted user/tenant, so crafted requests can read or modify other users...
CVE-2025-67796
IKUS Rdiffweb is affected by an improper authorization vulnerability (CVE-2025-67796) in versions prior to 2.10.6. The API fails to bind the authenticated subject to the targeted user/tenant, allowing a valid or stolen token to read or modify other users’ data and potentially perform privileged a...
EUVD-2007-2739
Malware in sbrugna...
EUVD-2022-0230
Malicious code in bioql PyPI...
EUVD-2022-0248
Malicious code in bioql PyPI...
EUVD-2022-0234
Malicious code in bioql PyPI...
EUVD-2022-0238
Malicious code in bioql PyPI...
EUVD-2022-0244
Malicious code in bioql PyPI...
EUVD-2022-0242
Malicious code in bioql PyPI...
EUVD-2022-0247
Malicious code in bioql PyPI...
EUVD-2022-0267
Malicious code in bioql PyPI...
EUVD-2022-0231
Malicious code in bioql PyPI...
EUVD-2022-0240
Malicious code in bioql PyPI...
EUVD-2022-0256
Malicious code in bioql PyPI...
EUVD-2022-0245
Malicious code in bioql PyPI...
EUVD-2022-0264
Malicious code in bioql PyPI...