GHSA-54MC-GGHV-4CFJ SQLAdmin: Authorization Bypass on `ajax_lookup`

Impact The ajaxlookup endpoint in application.py bypasses the isaccessible access control check that all other endpoints enforce. If a developer restricts model access by overriding isaccessible, an authenticated user can still query that model's data through the ajaxlookup endpoint — silently...

PT-2026-30336

Name of the Vulnerable Software and Affected Versions AVideo versions 26.0 and prior Description The plugin/CloneSite/client.log.php endpoint serves the clone operation log file without authentication. Other endpoints in the CloneSite plugin directory enforce User::isAdmin. The log contains...

CVE-2026-33302

OpenEMR prior to version 8.0.0.2 contains an ACL logic bug in the zhAclCheck function: it only checks for any allowed entry and does not enforce explicit denies (allowed=0). This means a user or group marked as deny can still gain access if they are in a group with an allowed entry. The issue can...

UBUNTU-CVE-2023-54313

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...

EUVD-2025-30885

Malicious code in bioql PyPI...

CVE-2024-38292

In Extreme Networks XIQ-SE before 24.2.11, due to a missing access control check, a path traversal is possible, which may lead to privilege escalation...

GO-2024-2979 Cache driver GetBlob() allows read access to any blob without access control check in zotregistry.dev/zot

Cache driver GetBlob allows read access to any blob without access control check in zotregistry.dev/zot. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

CVE-2021-39916

Lack of an access control check in the External Status Check feature allowed any authenticated user to retrieve the configuration of any External Status Check in GitLab EE starting from 14.1 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5....

Authentication flaw

AVE DOMINAplus =1.10.x suffers from an authentication bypass vulnerability due to missing control check when directly calling the autologin GET parameter in changeparams.php script. Setting the autologin value to 1 allows an unauthenticated attacker to permanently disable the authentication...

CVE-2020-21991

AVE DOMINAplus =1.10.x suffers from an authentication bypass vulnerability due to missing control check when directly calling the autologin GET parameter in changeparams.php script. Setting the autologin value to 1 allows an unauthenticated attacker to permanently disable the authentication...

NewStart CGSL CORE 5.04 / MAIN 5.04 : kernel Multiple Vulnerabilities (NS-SA-2020-0041)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has kernel packages installed that are affected by multiple vulnerabilities: - In the Linux kernel before 4.1.4, a buffer overflow occurs when checking userspace params in drivers/media/dvb-frontends/cx24116.c. The maximum size...

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2018-1232)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

AVE DOMINAplus 1.10.x - Authentication Bypass

AVE DOMINAplus 1.10.x - Authentication Bypass Exploit: AVE DOMINAplus 1.10.x - Authentication Bypass Date: 2019-12-30 Author: LiquidWorm Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Advisory ID:...

AVE DOMINAplus 1.10.x Authentication Bypass

AVE DOMINAplus =1.10.x Authentication Bypass Exploit Vendor: AVE S.p.A. Product web page: https://www.ave.it | https://www.domoticaplus.it Affected version: Web Server Code 53AB-WBS - 1.10.62 Touch Screen Code TS01 - 1.0.65 Touch Screen Code TS03x-V | TS04X-V - 1.10.45a Touch Screen Code TS05 -...

Synaccess netBooter NP-02x / NP-08x 6.8 Authentication Bypass

Synaccess netBooter NP-02x/NP-08x 6.8 Authentication Bypass Vendor: Synaccess Networks Inc. Product web page: https://www.synaccess-net.com Affected version: NP-0201D ver 6.8C NP-02 ver 6.5C NP-02 ver 6.4BC NP-0801D ver 6.4A NP-08 ver 6.10 NP-02 ver 5.53BC Summary: netBooter NP-02B and NP-02BH...

Virtuozzo 7 : readykernel-patch (VZA-2018-038)

According to the version of the vzkernel package and the readykernel-patch installed, the Virtuozzo installation on the remote host is affected by the following vulnerabilities : - Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccpwritexmit function in...

Concrete CMS: 'cnvID' parameter vulnerable to Insecure Direct Object References

Installation Information === IIS 8, PHP 5.5, Concrete5 5.7.5.7 Default install Issue POC An unauthenticated user can enumerate comments from all blog posts by POSTing requests to /index.php/tools/required/conversations/viewajax with incremental 'cnvID' integers. 1. An example blog with permission...

CVE-2017-7589

In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak sensitive information upon a request by the "anonymous" user, as demonstrated by responses with a 200 HTTP status code and a JSON object containing IP address strings. This is related to a missing access-control check in...

Design/Logic Flaw

In OpenIDM through 4.0.0 before 4.5.0, the info endpoint may leak sensitive information upon a request by the "anonymous" user, as demonstrated by responses with a 200 HTTP status code and a JSON object containing IP address strings. This is related to a missing access-control check in...

Debian Security Advisory DSA 3433-1 (samba - security update)

Several vulnerabilities have been discovered in Samba, a SMB/CIFS file, print, and login server for Unix. The Common Vulnerabilities and Exposures project identifies the following issues: CVE-2015-3223 Thilo Uttendorfer of Linux Information Systems AG discovered that a malicious request can cause...