Lucene search

28 matches found

NVD
added 2026/05/13 6:16 a.m. · 6 views

CVE-2026-2725

Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the "topic" ta...

CVSS 6 · EPSS 0.00035
Exploits: 0 · References: 1

ATTACKERKB
added 2026/05/13 5:32 a.m. · 3 views

CVE-2026-2725

Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the "topic" ta...

CVSS 6 · AI score 5.9 · EPSS 0.00035
Exploits: 0 · References: 2

Positive Technologies
added 2026/05/13 12:0 a.m. · 3 views

PT-2026-40576

Incorrect authorization in the "submitted together" feature in Gerrit versions 2.12 and later allows an authenticated attacker with force push permissions on a secondary branch to bypass code review and forcefully submit code to restricted branches via a crafted submission matching the "topic" ta...

CVSS 6 · AI score 5.9 · EPSS 0.00035
Exploits: 0 · References: 1

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2005-0746

Malware in sbrugna...

CVSS 4.6 · AI score 6.4 · EPSS 0.00053
Exploits: 1 · References: 3

EUVD
added 2025/10/03 8:7 p.m. · 1 views

EUVD-2024-46145

Malicious code in bioql PyPI...

CVSS 6.7 · AI score 9.3 · EPSS 0.00012
Exploits: 1 · References: 2

EUVD
added 2025/10/03 8:7 p.m. · 0 views

EUVD-2021-9576

Malicious code in bioql PyPI...

CVSS 9.8 · AI score 9.2 · EPSS 0.00247
Exploits: 0 · References: 2

RedhatCVE
added 2025/08/11 2:30 a.m. · 4 views

CVE-2025-54997

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, some OpenBao deployments intentionally limit privileged API operators from executing system code or making network connections...

CVSS 9.1 · AI score 7 · EPSS 0.00276
Exploits: 0 · References: 1

RedhatCVE
added 2025/05/23 8:8 a.m. · 7 views

CVE-2024-27933

Deno is a JavaScript, TypeScript, and WebAssembly runtime. In version 1.39.0, use of raw file descriptors in `op_node_ipc_pipe` leads to premature close of arbitrary file descriptors, allowing standard input to be re-opened as a different resource resulting in permission prompt bypass. Node childproce...

CVSS 8.8 · AI score 7.6 · EPSS 0.00019
Exploits: 1 · References: 1

RedhatCVE
added 2025/04/25 5:8 p.m. · 14 views

CVE-2025-32868

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ExportCertificate' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

CVSS 8.8 · AI score 8.2 · EPSS 0.00039
Exploits: 0 · References: 1

NVD
added 2025/04/16 6:16 p.m. · 4 views

CVE-2025-32835

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateConnectionVariableArchivingBuffering' method. This could allow an authenticated remote attacker to bypass authorization...

CVSS 8.8 · EPSS 0.0004
Exploits: 0 · References: 1

Veracode
added 2025/03/10 8:19 a.m. · 6 views

Sandbox Bypass

Jinja is vulnerable to sandbox bypass. The vulnerability is due to an oversight in how the Jinja sandboxed environment interacts with the |attr filter, allowing attackers to achieve arbitrary code execution (ACE) by bypassing the sandbox's attribute lookup...

CVSS 8.8 · AI score 8.3 · EPSS 0.00121
Exploits: 0 · References: 6 · Affected Software: 2

CVE
added 2024/09/03 2:50 p.m. · 51 views

CVE-2024-7345

CVE-2024-7345 involves a Local ABL Client bypassing PASOE security checks that can enable unauthorized code injection into OpenEdge Multi-Session Agents. Affected OpenEdge LTS platforms include versions up to 11.7.18 and 12.2.13 on all supported releases. Root cause: bypass of required PASOE secu...

CVSS 9.6 · AI score 8.5 · EPSS 0.00057
Exploits: 0 · References: 1 · Affected Software: 1

Prion
added 2022/11/01 8:15 p.m. · 20 views

Design/Logic Flaw

An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks...

CVSS 1.9 · AI score 5.8 · EPSS 0.00031
Exploits: 0 · References: 5 · Affected Software: 3

CNNVD
added 2022/10/24 12:0 a.m. · 1 views

Apple macOS Data Forgery Vulnerability

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. Apple macOS suffers from a data forgery vulnerability, which arises from an application that may be able to bypass code signature checks...

CVSS 5.5 · AI score 7 · EPSS 0.00031
Exploits: 0 · References: 9

Prion
added 2021/09/08 2:15 p.m. · 20 views

Design/Logic Flaw

An issue in code signature validation was addressed with improved checks. This issue is fixed in iOS 14.7, tvOS 14.7, watchOS 7.6. A malicious application may be able to bypass code signing checks...

CVSS 4.3 · AI score 5.8 · EPSS 0.00093
Exploits: 0 · References: 3 · Affected Software: 3

Positive Technologies
added 2021/07/19 12:0 a.m. · 2 views

PT-2021-20218 · Naver · Naver Toolbar

Name of the Vulnerable Software and Affected Versions: NAVER Toolbar versions prior to 4.0.30.323
Description: The issue allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. Special characters in the filename parameter can bypass the code signing check function...

CVSS 9.8 · AI score 9.6 · EPSS 0.01044
Exploits: 0 · References: 5

NVD
added 2020/04/01 6:15 p.m. · 10 views

CVE-2020-3906

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.4. A maliciously crafted application may be able to bypass code signing enforcement...

CVSS 7.8 · AI score 7.3 · EPSS 0.00256
Exploits: 0 · References: 1

OSV
added 2020/04/01 6:15 p.m. · 0 views

CVE-2020-3906

A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.4. A maliciously crafted application may be able to bypass code signing enforcement...

CVSS 7.8 · AI score 7.1
Exploits: 0 · References: 1

NVD
added 2018/06/29 3:29 p.m. · 9 views

CVE-2018-13013

Improper check of unusual conditions when launching msiexec.exe in safensec.com SysWatch service in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.9 allows the local attacker to bypass a code-signing protection...

CVSS 7.8 · AI score 7.5 · EPSS 0.00029
Exploits: 0 · References: 1

Cvelist
added 2018/06/29 3:0 p.m. · 9 views

CVE-2018-13013

Improper check of unusual conditions when launching msiexec.exe in safensec.com SysWatch service in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.9 allows the local attacker to bypass a code-signing protection...

AI score 7.5 · EPSS 0.00029
Exploits: 0 · References: 1