8 matches found
CVE-2026-5936
An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior may be exploited to probe internal network services, access otherwise unreachable endpoints e.g., cloud metadata services, or bypass...
Keycloak 安全漏洞
Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability, which stems from the IdentityBrokerService.performLogin endpoint allowing authentication with disabled identity providers, potentially leading to bypass of access...
CVE-2022-33925
Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An remote authenticated attacker could potentially exploit this vulnerability by bypassing access controls in order to download reports containing sensitive information...
Improper access control
Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An remote authenticated attacker could potentially exploit this vulnerability by bypassing access controls in order to download reports containing sensitive information...
CVE-2021-30605
Inappropriate implementation in the ChromeOS Readiness Tool installer on Windows prior to 1.0.2.0 loosens DCOM access rights on two objects allowing an attacker to potentially bypass discretionary access controls...
JasperReports - (Authenticated) File Read
JasperReports - Authenticated File Read TIBCO’s JasperReports string = wrapper.getParameterValues"page" To: getResource @ DirResourceSet.java:101 file = new File/home/rhino/jasperreports...mcat/webapps/jasperserver,"/WEB-INF/jsp/modules/administer/adminImport.jsp" Due to a lack of input validatio...
The vulnerability of the Flash Player software allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability in Adobe Flash Player allows attackers to circumvent access restrictions...
The vulnerability of the Android operating system allows attackers to circumvent existing access restrictions, breach data confidentiality, or cause service failures.
The vulnerability of the Android operating system is related to deficiencies in access control for certain functions. Exploiting this vulnerability allows a malicious actor to bypass existing access restrictions, compromise data confidentiality, or cause service failures through a specially creat...