CVE-2026-6355

A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration...

CVE-2026-6355

CVE-2026-6355 describes a vulnerability in a web application where unauthorized users can access and manipulate sensitive data across tenants by exploiting insecure direct object references. The root cause is insecure handling of object identifiers that allows cross-tenant access and configuratio...

CVE-2026-6355 CVE-2026-6355

A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration...

CVE-2026-6355 CVE-2026-6355

A vulnerability in the web application allows unauthorized users to access and manipulate sensitive data across different tenants by exploiting insecure direct object references. This could lead to unauthorized access to sensitive information and unauthorized changes to the tenant's configuration...

EUVD-2025-203992

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 through 25.1.. An incomplete configuration agent authentication in DriveLock tenant allows attackers to impersonate any DriveLock agent on the network against the DES DriveLock Enterprise Service...

CVE-2025-67791

An issue was discovered in DriveLock 24.1 through 24.1., 24.2 through 24.2., and 25.1 through 25.1.. An incomplete configuration agent authentication in DriveLock tenant allows attackers to impersonate any DriveLock agent on the network against the DES DriveLock Enterprise Service...

PT-2025-51924

Name of the Vulnerable Software and Affected Versions DriveLock versions 24.1 through 24.1. DriveLock versions 24.2 through 24.2. DriveLock versions 25.1 through 25.1. Description An incomplete configuration related to agent authentication in DriveLock tenants can allow attackers to impersonate a...

EUVD-2018-12304

Malware in sbrugna...

Fedora: Security Advisory for origin (FEDORA-2022-5038c3236c)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

IBM QRadar SIEM Information Disclosure Vulnerability (CNVD-2020-61017)

IBM QRadar is an enterprise security information and event management SIEM product that detects anomalies, finds advanced threats, and eliminates false positives. An information disclosure vulnerability exists in IBM QRadar SIEM 7.3 and 7.4 when using a multi-tenant configuration. Detailed...

CVE-2018-3825

In Elastic Cloud Enterprise ECE versions prior to 1.1.4 a default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch clusters. Unless explicitly overwritten, this master key is predictable across all ECE deployments. If an attacker can connect to ZooKeeper...