CVE-2026-30223 OliveTin: JWT Audience Validation Bypass in Local Key and HMAC Modes

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" local RSA public key or "authJwtHmacSecret" HMAC secret, the configured audience value authJwtAud is not enforced during toke...

EUVD-2021-12262

Malware in sbrugna...

EUVD-2023-35068

Malicious code in bioql PyPI...

EUVD-2022-42318

Malicious code in bioql PyPI...

EUVD-2022-27431

Malicious code in bioql PyPI...

CVE-2023-30704

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication...

CVE-2023-21463

Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions...

CVE-2022-22284

Improper authentication vulnerability in Samsung Internet prior to 16.0.2.19 allows attackers to bypass secret mode password authentication...

CVE-2022-39873

Improper authorization vulnerability in Samsung Internet prior to version 18.0.4.14 allows physical attackers to add bookmarks in secret mode without user authentication...

CVE-2021-25366

Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication...

CVE-2024-20828

CVE-2024-20828 concerns Samsung Internet prior to version 24.0, where improper authorization verification allows physical attackers to access files downloaded in SecretMode without authentication. Affected component: Samsung Internet; root cause: insufficient authorization checks. Impact: potenti...

PT-2023-28172 · Jenkins · Jenkins Pipeline Maven Integration Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Pipeline Maven Integration Plugin versions 1330.v18e473854496 and earlier Description: The issue concerns the Jenkins Pipeline Maven Integration Plugin, which does not properly mask usernames of credentials specified in custom Maven...

CVE-2023-30704

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication...

CVE-2023-30704

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication...

Authorization

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication...

CVE-2023-30704

CVE-2023-30704 affects Samsung Internet prior to 22.0.0.35. The vulnerability is an improper authorization flaw that allows a physical attacker to access downloaded files in Secret Mode without user authentication. The issue impacts confidentiality (high) with a physical attack vector and low exp...

CVE-2023-30704

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication...

CVE-2023-30704

Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication...

CVE-2023-21463

Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions...

CVE-2023-21463

Improper access control vulnerability in MyFiles application prior to versions 12.2.09.0 in Android 11, 13.1.03.501 in Android 12 and 14.1.03.0 in Android 13 allows local attacker to get sensitive information of secret mode in Samsung Internet application with specific conditions...