Astra Linux - уязвимость в subversion

The Subversion’s modauthzsvn module will crash if the server uses in-repository authz rules with the AuthzSVNReposRelativeAccessFile option, and a client sends a request for a non-existent repository URL. This can cause disruptions for users of the service. This issue has been fixed in...

Exploit for CVE-2026-33186

CVE-2026-33186 gRPC-Go RBAC Authorization Policy Bypass via M...

CVE-2026-33186

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

com.expediagroup.apiary:apiary-ranger-metastore-plugin (>=7.2.1 <=8.1.15), com.witboost.provisioning:scala-mesh-ranger_2.13 (=1.0.0) +67 more potentially affected by CVE-2025-59059 via org.apache.ranger:ranger-plugins-common (>=0.6.0 <=2.7.0)

org.apache.ranger:ranger-plugins-common MAVEN version =0.6.0, =7.2.1, =0.8.44-4, =0.18.0, =466, =0.6.0-incubating, =0.8.0-incubating, =1.6.0-incubating, =1.6.0-incubating, =0.3.0, =0.3.0, =1.1.0, =1.1.0, =2.0.0, =1.3.0, =2.0.0 and more Source cves: CVE-2025-59059 Source advisory:...

MiracleLinux 7 : pki-core-10.5.1-13.1.el7 (AXSA:2018-3231:02)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2018-3231:02 advisory. pki-core: Mishandled ACL configuration in AAclAuthz.java reverses rules that allow and deny access CVE-2018-1080 Tenable has extracted the preceding...

CVE-2021-41135

The Cosmos-SDK is a framework for building blockchain applications in Golang. Affected versions of the SDK were vulnerable to a consensus halt due to non-deterministic behaviour in a ValidateBasic method in the x/authz module. The MsgGrant of the x/authz module contains a Grant field which includ...

EUVD-2021-2140

Malware in sbrugna...

EUVD-2018-8241

Malware in sbrugna...

airflow-add-ons (>=0.2.7 <=0.2.15), airflow-aws-shared-secrets (>=0.0.1 <=0.0.5) +101 more potentially affected by CVE-2025-5279 via redshift-connector (>=2.0.888 <=2.1.2)

redshift-connector PYPI version =2.0.888, =0.2.7, =0.0.1, =0.1.0, =0.1.0, =0.1.0, =0.0.3, =0.1.0, =3.1.0rc1, =1.0.0, =0.1.1, =2.0.0, =3.0.0rc2 and more Source cves: CVE-2025-5279 Source advisory: OSV:GHSA-R244-WG5G-6W2R...

Malicious code in auth0-authz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e5de2600b08c1473abec0bac3c49bbcd4fa9626350cd3eb9c2d325cda30b0381 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2025-3818 Malicious code in auth0-authz (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e5de2600b08c1473abec0bac3c49bbcd4fa9626350cd3eb9c2d325cda30b0381 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Security Bulletin: IBM Instana Observability is vulnerable to AuthZ Plugin Bypass and Privilege Escalation

Summary Vulnerability in Docker Engine that could allow attackers to bypass authorization plugins AuthZ was remediated in IBM Observability with Instana Build 279. CVE-2024-41110 Vulnerability Details CVEID:CVE-2024-41110 DESCRIPTION: Moby is an open-source project created by Docker for software...

Malicious code in id-assert-authz-grant-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 17fc73e5465b1055fbe2c1e33fd53d7b12d3ba44276ed9b4bdd77537d89dba51 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

ROS-20241121-04

Vulnerability of authorization plugins AuthZ of the software for automating deployment and management of applications in containerized environments Docker Engine is related to flaws in the AuthZ plugin. application management in containerization-enabled environments Docker Engine is related to...

EulerOS 2.0 SP11 : docker-engine (EulerOS-SA-2024-2551)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2385)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2024-2385)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...

EulerOS 2.0 SP10 : docker-engine (EulerOS-SA-2024-2434)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...

Huawei EulerOS: Security Advisory for docker-engine (EulerOS-SA-2024-2434)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP9 : docker-engine (EulerOS-SA-2024-2360)

According to the versions of the docker-engine packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : Moby is an open source container framework that is a key component of Docker Engine, Docker Desktop, and other distributions of container...