EUVD-2026-10449

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

CVE-2025-71242

SPIP before 4.3.6, 4.2.17, and 4.1.20 allows unauthorized content disclosure in the private area. The application does not properly check authorization when displaying content of articles and sections rubriques in AJAX-loaded fragments, allowing an authenticated attacker to access restricted...

EUVD-2018-2979

Malware in sbrugna...

EUVD-2014-2550

Malware in sbrugna...

EUVD-2025-20349

Malicious code in bioql PyPI...

EUVD-2025-22264

Malicious code in bioql PyPI...

CVE-2024-5705

The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions. CWE-863 Hitachi Vantara Pentaho Business Analytics Server versions before 10.2.0...

CVE-2024-5705

Hitachi Vantara Pentaho Business Analytics Server is affected by CVE-2024-5705 due to incorrect authorization checks. Affected versions include Hitachi Vantara Pentaho BA Server prior to 10.2.0.0 and 9.3.0.9, including 8.3.x, where modules are enabled by default that allow execution of system-lev...

CVE-2024-34029 AD/LDAP Group Members Leak

Mattermost versions 9.5.x /channels//link endpoint which allows a user to learn the members of an AD/LDAP group that is linked to a team by adding the group to a channel, even if the user has no access to the team...