PT-2026-34183

HKUDS OpenHarness prior to PR 147 remediation contains an insecure default configuration vulnerability where remote channels inherit allow from = "" permitting arbitrary remote senders to pass admission checks. Attackers who can reach the configured channel can bypass access controls and reach...

CVE-2025-24787

CVE-2025-24787 affects WhoDB, where unsafe construction of database connection URIs (string concatenation) can inject parameters into the URI. Attackers can leverage the go-sql-driver/mysql parameter allowAllFiles to trigger LOAD DATA LOCAL INFILE, enabling local-file disclosure on the host runni...

CVE-2025-24787 Parameter injection in DB connection URIs leading to local file inclusion in WhoDB

WhoDB is an open source database management tool. In affected versions the application is vulnerable to parameter injection in database connection strings, which allows an attacker to read local files on the machine the application is running on. The application uses string concatenation to build...

PT-2025-5857

Name of the Vulnerable Software and Affected Versions WhoDB versions prior to 0.45.0 Description The application is vulnerable to parameter injection in database connection strings, allowing an attacker to read local files on the machine the application is running on. This is due to the use of...

OAuthenticator Security Vulnerability

OAuthenticator is an OAuth token library for the JupyerHub login handler. A security vulnerability exists in OAuthenticator version 16.3.0 and earlier, which stems from the fact that the allowall configuration item took precedence over the identityprovider configuration item starting in JupyterHu...

SUSE CVE-2024-34346

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. The Deno sandbox may be unexpectedly weakened by allowing file read/write access to privileged files in various locations on Unix and Windows platforms. For example, reading /proc/self/environ may provide access...

CVE-2024-34346 Deno contains a permission escalation via open of privileged files with missing `--deny` flag

Deno is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults. The Deno sandbox may be unexpectedly weakened by allowing file read/write access to privileged files in various locations on Unix and Windows platforms. For example, reading /proc/self/environ may provide access...

CVE-2023-30851

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be...

CVE-2023-30851 Potential HTTP policy bypass when using header rules in Cilium

Cilium is a networking, observability, and security solution with an eBPF-based dataplane. This issue only impacts users who have a HTTP policy that applies to multiple toEndpoints AND have an allow-all rule in place that affects only one of those endpoints. In such cases, a wildcard rule will be...

K04280042: BIG-IP ASM vulnerability CVE-2019-6650

Security Advisory Description F5 BIG-IP ASM may expose sensitive information and allow the system configuration to be modified when using non-default settings. CVE-2019-6650 Impact The vulnerability is only present on multi-bladed systems VIPRION with BIG-IP ASM provisioned, on the following...

proftpd IP address access control list breakage

Jindrich Makovicka reports a regression in proftpd's handling of IP address access control lists IP ACLs. Due to this regression, some IP ACLs are treated as allow all''...