Nezha Monitoring: Nezha WebSocket server stream discloses cross-tenant server telemetry to authenticated members
Summary: Any authenticated non-admin member can connect to the server-status WebSocket and receive telemetry for all servers, including servers owned by other users. The normal server list API filters objects by HasPermission, but the WebSocket stream treats the presence of any authenticated user ...
CVE-2026-9251
Missing authorization in the entry status management feature in Devolutions Server allows a non-administrator authenticated user to bypass the administrator-enforced Pending Approval flow and gain access to an entry's data via a crafted status change request. This issue affects : Devolutions Serv...
CVE-2026-28786 Open WebUI vulnerable to Path Traversal in `POST /api/v1/audio/transcriptions`
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to version 0.8.6, an unsanitized filename field in the speech-to-text transcription endpoint allows any authenticated non-admin user to trigger a FileNotFoundError whose message — including th...
CVE-2026-33469 Authenticated Frigate users can read the full unredacted configuration via `/api/config/raw`
Frigate is a network video recorder (NVR) with realtime local object detection for IP cameras. In version 0.17.0, an authenticated non-admin user can retrieve the full raw Frigate configuration through /api/config/raw. This exposes sensitive values that are intentionally redacted from /api/config,...
EUVD-2026-9437
A vulnerability in the CLI of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software in multiple context mode could allow an authenticated, local attacker with administrative privileges in one context to copy files to or from another context, including configuration files. This...
CVE-2021-22035
VMware vRealize Log Insight 8.x prior to 8.6 contains a CSV (Comma Separated Value) injection vulnerability in the interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log...
EUVD-2022-37321
Malicious code in bioql PyPI...
EUVD-2025-27857
Malicious code in bioql PyPI...
CVE-2025-2180 Checkov by Prisma Cloud: Unsafe Deserialization of Terraform Files Allows Code Execution
An unsafe deserialization vulnerability in Palo Alto Networks Checkov by Prisma® Cloud allows an authenticated user to execute arbitrary code as a non-administrative user by scanning a malicious Terraform file when using Checkov in Prisma® Cloud. This issue impacts Checkov 3.0 versions earlier th...
CVE-2025-3773
A sensitive information exposure vulnerability in System Information Reporter (SIR) 1.0.3 and prior allows an authenticated non-admin local user to extract sensitive information stored in a registry backup folder...
PT-2024-6828 · Sap · Sap Shared Service Framework
Name of the Vulnerable Software and Affected Versions: SAP Shared Service Framework (affected versions not specified). Description: The issue is related to insufficient authorization procedures in the SAP Shared Service Framework, allowing a remote attacker to elevate their privileges. An...
PT-2023-4593 · Cisco · Cisco Nexus 3000 Series Switches +3
Name of the Vulnerable Software and Affected Versions: Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode (affected versions not specified). Description: A vulnerability in the SFTP server implementation could allow an authenticated, remote attacker to download or...
CVE-2023-27897
In SAP CRM - versions 700, 701, 702, 712, 713, an attacker who is authenticated with a non-administrative role and a common remote execution authorization can use a vulnerable interface to execute an application function to perform actions which they would not normally be permitted to perform...
CVE-2022-34385
SupportAssist for Home PCs version 3.11.4 and prior and SupportAssist for Business PCs version 3.2.0 and prior contain a cryptographic weakness vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information...
Session fixation
SupportAssist for Home PCs versions 3.11.4 and prior contain an insufficient session expiration vulnerability. An authenticated non-admin user may be able to obtain the refresh token, which allows reuse of the access token to fetch sensitive information...
CVE-2022-34366
Dell SupportAssist for Home PCs version 3.11.2 and prior contain an Overly Permissive Cross-domain Whitelist vulnerability. An authenticated non-admin user could potentially exploit the issue and obtain sensitive information...
CVE-2022-41264
Due to the unrestricted scope of the RFC function module, SAP BASIS - versions 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, 791, allows an authenticated non-administrator attacker to access a system class and execute any of its public methods with parameters provided by the attacke...
SAP Basis Code Injection Vulnerability
SAP Basis is a content management system. SAP Basis suffers from a code injection vulnerability that stems from the unrestricted scope of its RFC function modules allowing an authenticated, non-administrator attacker to access a system class and execute any of its public methods using...