GHSA-H336-2WXM-PR6Q OpenViking contains a missing authorization vulnerability in the task polling endpoints

OpenViking versions prior to 0.3.3 contain a missing authorization vulnerability in the task polling endpoints that allows unauthorized attackers to enumerate or retrieve background task metadata created by other users. Attackers can access the /api/v1/tasks and /api/v1/tasks/taskid routes withou...

OpenViking 安全漏洞

OpenViking is an open-source artificial intelligence agent-based context database developed by Volcengine. Versions of OpenViking prior to 0.3.3 contained security vulnerabilities. These vulnerabilities stemmed from lack of authorization, which could allow unauthorized attackers to enumerate or...

Huawei HarmonyOS Type Check Not Strict Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a type-checking laxity vulnerability, which stems from a type-checking laxity in the background task service module. An attacke...

Huawei HarmonyOS 安全漏洞

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS suffers from a type-checking laxity vulnerability, which stems from a type-checking laxity in the background task service module. An attacke...

OpenHarmony 安全漏洞

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v4.0.0 and prior versions, which stems from a background task management privilege bypass vulnerability...

CVE-2024-21816 Background task manager has an improper preservation of permissions vulnerability

in OpenHarmony v4.0.0 and prior versions allow a local attacker cause information leak through improper preservation of permissions...

PT-2023-25261 · Google · Android

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to an unsafe PendingIntent in the createQuickShareAction of SaveImageInBackgroundTask.java. This could lead to a background activit...

macOS Ventura Background Task Flaws Can Be Exploited for Malware

By Habiba Rashid Renowned Mac security researcher Patrick Wardle recently unveiled potential weaknesses within Apples macOS Ventura, shedding light on vulnerabilities… This is a post from HackRead.com Read the original post: macOS Ventura Background Task Flaws Can Be Exploited for Malware...

An Apple Malware-Flagging Tool Is ‘Trivially’ Easy to Bypass

The macOS Background Task Manager tool is supposed to spot potentially malicious software on your machine. But a researcher says it has troubling flaws...

XXL-JOB 操作系统命令注入漏洞

XXL-JOB is a distributed task scheduling platform based on java language from XU Xueli XXL-JOB community. XXL-JOB version 2.2.0 suffers from an operating system command injection vulnerability, which stems from a command execution vulnerability in a background task...