CVE-2026-40995 X.509 authentication bypasses Spring Security account checks

X509AuthenticationProvider could issue a fully authenticated X509AuthenticationToken when a presented certificate mapped to UserDetails, without applying Spring Security's standard account lifecycle checks disabled, locked, expired, or credentials-expired accounts. Affected versions: Spring Web...

EUVD-2022-52759

Malicious code in bioql PyPI...

CVE-2022-31131

Nextcloud mail is a Mail app for the Nextcloud home server product. Versions of Nextcloud mail prior to 1.12.2 were found to be missing user account ownership checks when performing tasks related to mail attachments. Attachments may have been exposed to incorrect system users. It is recommended...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google Inc. in the United States. A security vulnerability exists in Google Android 13, which stems from a lack of permission checking in ContentService, which could potentially check for the existence of an account on the device,...

Microsoft Windows Kernel Privilege Elevation Vulnerabilities (3038680)

This host is missing an important security update according to Microsoft Bulletin MS15-025. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

MS15-025: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (3038680)

The remote Windows host is affected by multiple privilege escalation vulnerabilities : - An elevation of privilege vulnerability exists due to Windows Registry Virtualization improperly allowing a user to modify the virtual store of another user. A local attacker, with a specially crafted...