3945 matches found
CVE-2022-49221 drm/msm/dp: populate connector of struct dp_panel
In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: populate connector of struct dp_panel DP CTS test case 4.2.2.6 has valid edid with bad checksum on purpose and expect DP source return correct checksum. During drm edid read, correct edid checksum is calculated and...
CVE-2022-49056
CVE-2022-49056 entry is rejected/not used per the Initial Description.
CVE-2024-45426
Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access...
CVE-2024-45426 Zoom Workplace Apps - Incorrect Ownership Assignment
Incorrect ownership assignment in some Zoom Workplace Apps may allow a privileged user to conduct an information disclosure via network access...
CVE-2024-45426
CVE-2024-45426: Affected product is Zoom Workplace Apps. The root cause is an incorrect ownership assignment that can permit a privileged user to disclose information over the network. Reported impact is solely on confidentiality (high), with no integrity/availability effects per the sources. Th...
Zoom Workplace security vulnerability
Zoom Workplace is a desktop application from Zoom USA. A security vulnerability exists in Zoom Workplace that stems from an improper assignment of ownership and could lead to information disclosure...
openSUSE Security Advisory (SUSE-SU-2024:2790-1)
The remote host is missing an update for the...
A vulnerability in the USB kernel component of the Linux operating system that allows an attacker to cause a denial of service
The vulnerability in the USB kernel component of the Linux operating system is related to NULL pointer assignment. Exploiting this vulnerability can allow an attacker to cause a denial of service...
PYSEC-2025-31
vyper is a Pythonic Smart Contract Language for the EVM. Vyper handles AugAssign statements by first caching the target location to avoid double evaluation. However, in the case when target is an access to a DynArray and the rhs modifies the array, the cached target will evaluate first, and the...
CVE-2024-56000
Incorrect Privilege Assignment vulnerability in SeventhQueen K Elements k-elements allows Privilege Escalation. This issue affects K Elements: from n/a through 5.4.0...
CVE-2025-0422 Authenticated Remote Code Execution via ScriptVar
An authenticated user in the "bestinformed Web" application can execute commands on the underlying server running the application (Remote Code Execution). For this, the user must be able to create "ScriptVars" with the type "script" and preview them by, for example, creating a new "Info". By defaul...
WordPress plugin K Elements security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in WordPres...
Duplicate Advisory: Keycloak allows Incorrect Assignment of an Organization to a User
Duplicate Advisory: This advisory has been withdrawn because it is a duplicate of GHSA-gvgg-2r3r-53x7. This link is maintained to preserve external references. Original Description: A flaw was found in the Keycloak organization feature, which allows the incorrect assignment of an organization to a...
CVE-2025-1391
A flaw was found in the Keycloak organization feature, which allows the incorrect assignment of an organization to a user if their username or email matches the organization’s domain pattern. This issue occurs at the mapper level, leading to misrepresentation in tokens. If an application relies o...
CVE-2025-1391
CVE-2025-1391: The issue is an improper authorization in the Keycloak organization mapper, where a user can be misrepresented as belonging to an organization in tokens if their username or email matches the organization’s domain pattern. The flaw is confined to token claims and does not imply tr...
Keycloak access control error vulnerability
Keycloak is an open source identity and access management solution from Keycloak Open Source. Keycloak suffers from an access control error vulnerability that stems from a user-organization domain pattern mismatch in the organization function. An attacker exploiting this vulnerability could be...
The vulnerability of FortiOS operating systems, related to incorrect privilege assignment, allows attackers to elevate their privileges.
The vulnerability of FortiOS operating systems is related to the improper assignment of privileges. Exploiting this vulnerability can allow a malicious actor to escalate their privileges remotely...
Advisory ROSA-SA-2025-2696
Software: systemd 239 OS: ROSA Virtualization 3.0 packageevrstring: systemd-239-78.0.1 CVE-ID: CVE-2019-3843 BDU-ID: 2022-00318 CVE-Crit: MEDIUM. CVE-DESC.: A vulnerability in the systemd service initialization and management subsystem is related to improper privilege assignment. Exploitation of...