CVE-2026-34261 Missing Authorization check in SAP Business Analytics and SAP Content Management

Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to certain remote function modules, potentially accessing sensitive information beyond their intended permissions. This vulnerability affects...

EUVD-2020-23291

Malware in sbrugna...

The minter can steal the Frankencoin in notifyLoss()

Lines of code Vulnerability details Impact The minter can steal the Frankencoin in notifyLoss because of In this code: if reserveLeft = amount transferaddressreserve, msg.sender, amount; The minter can call the function notifyLoss Constantly. When reserveLeft = amount, the minter who call the fir...

Design/Logic Flaw

An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. Any user with the ability to edit pages within the Widgets namespace could call any static function within any class defined within PHP or MediaWiki via a crafted HTML comment, related to a Smarty template. For example...

CVE-2020-12404

For native-to-JS bridging the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token could leak when used for downloading files. This vulnerability affects Firefox for iOS 26...