CVE-2025-66515 Nextcloud Approval app allows users to request approval for other users file

The Nextcloud Approval app allows approval or disapproval of files in the sidebar. Prior to 1.3.1 and 2.5.0, an authenticated user listed as a requester in a workflow can set another user’s file into the “pending approval” without access to the file by using the numeric file id. This vulnerabilit...

CVE-2025-66515 Nextcloud Approval app allows users to request approval for other users file

The Nextcloud Approval app allows approval or disapproval of files in the sidebar. Prior to 1.3.1 and 2.5.0, an authenticated user listed as a requester in a workflow can set another user’s file into the “pending approval” without access to the file by using the numeric file id. This vulnerabilit...

CVE-2025-66515

The CVE describes an authorization flaw in the Nextcloud Approval app where an authenticated user listed as a workflow requester can place another user’s file into the “pending approval” state using the file’s numeric id, without having access to the file. This affects versions prior to 1.3.1 and...

Approval app allows users to request approval for other users file

None...

PT-2025-49295

Name of the Vulnerable Software and Affected Versions Nextcloud Approval app versions prior to 1.3.1 Nextcloud Approval app versions prior to 2.5.0 Description The Nextcloud Approval app has an issue where an authenticated user, listed as a requester in a workflow, can set another user’s file to...

EUVD-2018-7609

Malware in sbrugna...

EUVD-2001-0509

Malware in sbrugna...

EUVD-2002-1017

Malware in sbrugna...

SUSE CVE-2023-53539

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxerequester If a send packet is dropped by the IP layer in rxerequester the call to rxexmitpacket can fail with err == -EAGAIN. To recover, the state of the wqe is restored to the state...

AZL-77396 CVE-2023-53539 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxerequester If a send packet is dropped by the IP layer in rxerequester the call to rxexmitpacket can fail with err == -EAGAIN. To recover, the state of the wqe is restored to the state...

CVE-2023-53539

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxerequester If a send packet is dropped by the IP layer in rxerequester the call to rxexmitpacket can fail with err == -EAGAIN. To recover, the state of the wqe is restored to the state...

CVE-2023-53539 RDMA/rxe: Fix incomplete state save in rxe_requester

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxerequester If a send packet is dropped by the IP layer in rxerequester the call to rxexmitpacket can fail with err == -EAGAIN. To recover, the state of the wqe is restored to the state...

CVE-2023-53539

The CVE-2023-53539 entry refers to a Linux kernel issue in RDMA/rxe (rxe_requester) where the state save/restore missed part of the wqe’s DMA state, causing corruption of DMA state on packet resend after an IP-drop. The fix corrects how the wqe and DMA struct state are saved/restored, enabling sa...

CVE-2023-53539 RDMA/rxe: Fix incomplete state save in rxe_requester

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxerequester If a send packet is dropped by the IP layer in rxerequester the call to rxexmitpacket can fail with err == -EAGAIN. To recover, the state of the wqe is restored to the state...

Linux Distros Unpatched Vulnerability : CVE-2021-39519

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in libjpeg through 2020021. A NULL pointer dereference exists in the function BlockBitmapRequester::PullQData located in...

CVE-2025-52395

An issue in Roadcute API v.1 allows a remote attacker to execute arbitrary code via the application exposing a password reset API endpoint that fails to validate the identity of the requester properly...

Roadcube API 安全漏洞

Roadcube API is a management interface software from Roadcube Greece. A security vulnerability exists in the Roadcube API v.1 version that stems from a password reset API endpoint that does not validate the identity of the requester, which could lead to the execution of arbitrary code...

MAL-2025-20150 Malicious code in facetjs-mysql-requester (npm)

The package facetjs-mysql-requester was found to contain malicious code...

Malicious code in facetjs-mysql-requester (npm)

The package facetjs-mysql-requester was found to contain malicious code...

MAL-2025-20148 Malicious code in facetjs-druid-requester (npm)

The package facetjs-druid-requester was found to contain malicious code...