CVE-2025-10681

Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not adequately limit end user permissions and do not expire within a reasonable amount of time. This vulnerability may grant unauthorized access to production storage containers...

EUVD-2025-209213

Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not adequately limit end user permissions and do not expire within a reasonable amount of time. This vulnerability may grant unauthorized access to production storage containers...

CVE-2025-10681 Gardyn Mobile Application and Device Firmware Use Hard-coded Credentials

Storage credentials are hardcoded in the mobile app and device firmware. These credentials do not adequately limit end user permissions and do not expire within a reasonable amount of time. This vulnerability may grant unauthorized access to production storage containers...

CVE-2025-10681

Gardyn CVE-2025-10681 affects the Gardyn mobile app and device firmware, which hardcode Azure Blob Storage account keys granting account‑level access to three storage accounts. Impact includes read access to ~115k camera images, read/write to OTA firmware storage (enabling supply chain risk), acc...

Gardyn Home Kit Cloud API和Gardyn Mobile Application 信任管理问题漏洞

Gardyn Home Kit Cloud API and Gardyn Mobile Application are products of the American company Gardyn. Gardyn Home Kit Cloud API is an indoor hydroponic cultivation system. Gardyn Mobile Application is a mobile control application. There are security vulnerabilities in Gardyn Home Kit Cloud API and...

CVE-2025-64655

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-64655

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-64655 Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability

...

CVE-2025-64655

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network...

CVE-2025-64655 Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability

...

CVE-2025-64655

CVE-2025-64655 : Multiple sources corroborate an improper authorization vulnerability in the Dynamics OmniChannel SDK Storage Containers that could allow network-based privilege elevation. Affected product is the Dynamics OmniChannel SDK Storage Containers; root cause is improper authorization le...

Dynamics OmniChannel SDK Storage Containers Elevation of Privilege Vulnerability

Improper authorization in Dynamics OmniChannel SDK Storage Containers allows an unauthorized attacker to elevate privileges over a network...

PT-2025-47645

Name of the Vulnerable Software and Affected Versions Dynamics OmniChannel SDK Storage Containers affected versions not specified Description An improper authorization issue exists in Dynamics OmniChannel SDK Storage Containers, potentially allowing an unauthorized attacker to elevate privileges...

Microsoft Dynamics OmniChannel SDK Storage Containers 授权问题漏洞

Microsoft Dynamics OmniChannel SDK Storage Containers is a container for storing, accessing, or managing records from Microsoft Corporation, USA. An authorization issue vulnerability exists in Microsoft Dynamics OmniChannel SDK Storage Containers that stems from improper authorization and could...

GHSA-76RH-XV36-9MRC PEAR::Auth potential authentication bypass vulnerability

Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."...

BlobHunter - Find Exposed Data In Azure With This Public Blob Scanner

An opensource tool for scanning Azure blob storage accounts for publicly opened blobs. BlobHunter is a part of "Hunting Azure Blobs Exposes Millions of Sensitive Files" research: https://www.cyberark.com/resources/threat-research-blog/hunting-azure-blobs-exposes-millions-of-sensitive-files Overvi...

PEAR-Auth: Potential authentication bypass

Background PEAR-Auth is a PEAR package that provides methods to create a PHP based authentication system. Description Matt Van Gundy discovered that PEAR-Auth did not correctly validate data passed to the DB and LDAP containers. Impact A remote attacker could possibly exploit this vulnerability t...

CVE-2006-0868

Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."...