33 matches found
PT-2026-46396
Name of the Vulnerable Software and Affected Versions Arista EOS affected versions not specified Description On affected platforms running Arista EOS with MACsec and egress ACLs configured on the same interfaces, the ACL policies may not be enforced for packets egressing on those ports. This...
SUSE CVE-2026-7573
An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...
GHSA-3C93-G9G6-P5J4 Velocidex Velociraptor has an authorization bypass vulnerability
An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...
CVE-2026-7573
An authorization bypass CWE-639 in the GetUserRoles gRPC API endpoint in Velocidex Velociraptor below version 0.76.5 allows any authenticated low-privilege user to retrieve the complete ACL policy roles and permissions for any user across all organizations by supplying targeted Name and Org...
PT-2026-37339
Name of the Vulnerable Software and Affected Versions Velocidex Velociraptor versions prior to 0.76.5 Description An authorization bypass in the 'GetUserRoles' gRPC API endpoint allows any authenticated low-privilege user to retrieve the complete Access Control List ACL policy, including roles an...
EUVD-2011-3965
Malware in sbrugna...
EUVD-2021-2099
Malware in sbrugna...
EUVD-2025-1934
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2025-4922
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Nomad Community and Nomad Enterprise Nomad prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified a...
Incorrect Privilege Assignment Vulnerability
github.com/hashicorp/nomad is vulnerable to Incorrect Privilege Assignment. The vulnerability is due to a flawed implementation of prefix-based ACL policy lookup, which can cause rules to be incorrectly matched or shadowed, allowing an attacker to bypass intended access restrictions and potential...
CVE-2025-4922
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
GHSA-RX97-6C62-55MF Hashicorp Nomad Incorrect Privilege Assignment vulnerability
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
Hashicorp Nomad Incorrect Privilege Assignment vulnerability
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
CVE-2025-4922
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
CVE-2025-4922
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
CVE-2025-4922
CVE-2025-4922 affects Nomad Community Edition and Nomad Enterprise where a prefix-based ACL policy lookup can cause incorrect rule application and shadowing. Root cause details are not fully elaborated beyond this behavior in the provided documents, but fixes are specified: Nomad Community Editio...
CVE-2025-4922 Nomad Vulnerable To Incorrect ACL Policy Lookup Attached To A Job
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
CVE-2025-4922 Nomad Vulnerable To Incorrect ACL Policy Lookup Attached To A Job
Nomad Community and Nomad Enterprise “Nomad” prefix-based ACL policy lookup can lead to incorrect rule application and shadowing. This vulnerability, identified as CVE-2025-4922, is fixed in Nomad Community Edition 1.10.2 and Nomad Enterprise 1.10.2, 1.9.10, and 1.8.14...
PT-2025-25213
Name of the Vulnerable Software and Affected Versions Hashicorp Nomad versions prior to 1.10.2 Hashicorp Nomad versions prior to 1.9.10 Hashicorp Nomad versions prior to 1.8.14 Description The issue is related to prefix-based ACL policy lookup in Nomad Community and Nomad Enterprise, which can le...
The vulnerability of the ACL Policy component of the Nomad application orchestrator allows a perpetrator to gain access to confidential information.
The vulnerability of the ACL Policy component of the Nomad application orchestrator is related to incorrect authorization. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain access to confidential information...