CVE-2026-10854

A visibility control issue in the event template creation workflow allowed non-site-admin users to access private galaxies belonging to other organisations. The event template builder loaded all enabled galaxies without applying organisation or distribution-based access restrictions, potentially...

CVE-2026-10854

A visibility control issue in the event template creation workflow allowed non-site-admin users to access private galaxies belonging to other organisations. The event template builder loaded all enabled galaxies without applying organisation or distribution-based access restrictions, potentially...

EUVD-2026-13908

Discourse is an open-source discussion platform. Prior to versions 2026.3.0-latest.1, 2026.2.1, and 2026.1.2, users with tag-editing permissions could edit and create synonyms for tags hidden in restricted tag groups, even if they lacked visibility into those tags. Versions 2026.3.0-latest.1,...

CVE-2022-35489

In Zammad 5.2.0, customers who have secondary organizations assigned were able to see all organizations of the system rather than only those to which they are assigned...

CVE-2025-55067

The TLS4B ATG system is vulnerable to improper handling of Unix time values that exceed the 2038 epoch rollover. When the system clock reaches January 19, 2038, it resets to December 13, 1901, causing authentication failures and disrupting core system functionalities such as login access, history...

EUVD-2020-12584

Malware in sbrugna...

EUVD-2020-17974

Malware in sbrugna...

EUVD-2024-36476

Malicious code in bioql PyPI...

EUVD-2023-23679

Malicious code in bioql PyPI...

EUVD-2022-4587

Malicious code in bioql PyPI...

CVE-2025-11239

Potentially sensitive information in jobs on KNIME Business Hub prior to 1.16.0 were visible to all members of the user's team. Starting with KNIME Business Hub 1.16.0 only metadata of jobs is shown to team members. Only the creator of a job can see all information including in- and output data i...

PT-2025-40343

Name of the Vulnerable Software and Affected Versions KNIME Business Hub versions prior to 1.16.0 Description Potentially sensitive information within jobs on KNIME Business Hub was accessible to all team members. From version 1.16.0 onwards, only job metadata is visible to team members, with ful...

Linux Distros Unpatched Vulnerability : CVE-2020-11997

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the sam...

Newly published App-V applications are not visible to end users

After most recent upgrade of Web Studio users are not able to see newly published App-V packages/applications. This issue affects only newly published App-V applications...

CVE-2025-47288 Discourse Policy plugin private group members visible

Discourse Policy plugin gives the ability to confirm users have seen or done something. Prior to version 0.1.1, if there was a policy posted to a public topic that was tied to a private group then the group members could be shown to non-group members. This issue has been patched in version 0.1.1....

CVE-2024-49373

No Fuss Computing Centurion ERP is open source enterprise resource planning ERP software. Prior to version 1.2.1, an authenticated user can view projects within organizations they are not apart of. Version 1.2.1 fixes the problem...

CVE-2024-45297

Discourse is an open source platform for community discussion. Users can see topics with a hidden tag if they know the label/name of that tag. This issue has been patched in the latest stable, beta and tests-passed version of Discourse. All users area are advised to upgrade. There are no known...

CVE-2024-37167

Tuleap is an Open Source Suite to improve management of software developments and collaboration. Users are able to see backlog items that they should not see. This issue has been patched in Tuleap Community Edition version 15.9.99.97...

Citrix PVS Console and Server Not Visible to Other Admins After Installed via CLI

After installing the Citrix Provisioning Services PVS Console and server version 2402 CU2 on a Windows Server 2019 machine using command line, the application is only visible to the user who performed the installation. Other administrators logging into the same server do not see the Citrix PVS...

CLSA-2025-1747431041 Fix CVE(s): CVE-2024-10976, CVE-2024-10977

SECURITY UPDATE: incomplete tracking of row security allows unauthorized access to data - debian/patches/CVE-2024-10976.patch: Ensure cached plans to be correctly marked as dependent on role to fix the issue of neglected marking which could lead to incorrect row visibility. - CVE-2024-10976...