4 matches found
CVE-2025-14777 Keycloak: Keycloak IDOR in realm client creating/deleting
A flaw was found in Keycloak. An IDOR Broken Access Control vulnerability exists in the admin API endpoints for authorization resource management, specifically in ResourceSetService and PermissionTicketService. The system checks authorization against the resourceServer client ID provided in the A...
ALSA-2024:3661 Important: booth security update
The Booth cluster ticket manager is a component to bridge high availability clusters spanning multiple sites, in particular, to provide decision inputs to local Pacemaker cluster resource managers. It operates as a distributed consensus-based service, presumably on a separate physical network...
PT-2023-30149 · Sielco · Sielco Polyeco1000
Name of the Vulnerable Software and Affected Versions: Sielco PolyEco1000 (affected versions not specified). Description: The issue arises from an improper access control vulnerability. This occurs when the application provides direct access to objects based on user-supplied input, allowing attacker...
booth bug fix and enhancement update
An update is available for booth. This update affects Rocky Linux 9. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The Booth cluster ticket manager is a component to bridge high availability...