GHSA-54MC-GGHV-4CFJ SQLAdmin: Authorization Bypass on `ajax_lookup`

Impact The ajaxlookup endpoint in application.py bypasses the isaccessible access control check that all other endpoints enforce. If a developer restricts model access by overriding isaccessible, an authenticated user can still query that model's data through the ajaxlookup endpoint — silently...

PT-2026-30336

Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and prior Description The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without authentication. Other endpoints in the CloneSite plugin directory enforce User::isAdmin. The log contains...

CVE-2026-33302

OpenEMR prior to version 8.0.0.2 contains an ACL logic bug in the zhAclCheck function: it only checks for any allowed entry and does not enforce explicit denies (allowed=0). This means a user or group marked as deny can still gain access if they are in a group with an allowed entry. The issue can...

UBUNTU-CVE-2023-54313

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...

EUVD-2025-30885

Malicious code in bioql PyPI...

CVE-2024-38292

In Extreme Networks XIQ-SE before 24.2.11, due to a missing access control check, a path traversal is possible, which may lead to privilege escalation...

GO-2024-2979 Cache driver GetBlob() allows read access to any blob without access control check in zotregistry.dev/zot

Cache driver GetBlob allows read access to any blob without access control check in zotregistry.dev/zot. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

CVE-2021-39916

Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status Check in GitLab EE starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5....

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2020-0041)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1232)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Virtuozzo 7 : readykernel-patch (VZA-2018-038)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccpwritexmit function in...

Concrete CMS: 'cnvID' parameter vulnerable to Insecure Direct Object References

Installation Information === IIS 8, PHP 5.5, Concrete5 5.7.5.7 Default install Issue POC An unauthenticated user can enumerate comments from all blog posts by POSTing requests to /index.php/tools/required/conversations/viewajax with incremental 'cnvID' integers. 1. An example blog with permission...

CVE-2017-7589

In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak sensitive information upon a request by the "anonymous" user, as demonstrated by responses with a 200 HTTP status code and a JSON object containing IP address strings. This is related to a missing access-control check in...

Design/Logic Flaw

In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak sensitive information upon a request by the "anonymous" user, as demonstrated by responses with a 200 HTTP status code and a JSON object containing IP address strings. This is related to a missing access-control check in...

Debian Security Advisory DSA 3433-1 (samba - security update)

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-3223 Thilo Uttendorfer of Linux Information Systems AG discovered that a malicious request can cause...

MGASA-2016-0094 Updated samba packages fix security vulnerabilities

Updated ldb and samba packages fix security vulnerabilities: A malicious client can send packets that cause the LDAP server in the samba daemon process to become unresponsive, preventing the server from servicing any other requests CVE-2015-3223. Versions of Samba from 3.0.0 to 4.3.2 inclusive ar...

Security fix for the ALT Linux 7 package samba version 4.3.3-alt1

Dec. 16, 2015 Andrey Cherepanov 4.3.3-alt1 - New version https://www.samba.org/samba/history/samba-4.3.3.html - Security fixes: - CVE-2015-3223 Denial of service in Samba Active Directory server - CVE-2015-5252 Insufficient symlink verification in smbd - CVE-2015-5299 Missing access control check...