GHSA-3M2G-V7JF-7FXC Apache Superset Improper Authorization allows low-privileged users to bypass access controls

An Improper Authorization vulnerability exists in Apache Superset that allows a low-privileged user to bypass data access controls. When creating a dataset, Superset enforces permission checks to prevent users from querying unauthorized data. However, an authenticated attacker with permissions to...

Apache Superset 安全漏洞

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. A security bypass vulnerability exists in Apache Superset, which can be exploited by an attacker to bypass data access controls...

EUVD-2006-6361

Malware in sbrugna...

EUVD-2009-1086

Malware in sbrugna...

EUVD-2009-2302

Malware in sbrugna...

EUVD-2025-6910

Malicious code in bioql PyPI...

CVE-2021-40005

The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2018-14861

Improper data access control in Odoo Community 10.0 and 11.0 and Odoo Enterprise 10.0 and 11.0 allows authenticated users to perform a CSV export of the secure hashed passwords of other users...

CVE-2025-24843 Dario Health USB-C Blood Glucose Monitoring System Starter Kit Android Application Storage of Sensitive Data in a Mechanism without Access Control

Insecure file retrieval process that facilitates potential for file manipulation to affect product stability and confidentiality, integrity, authenticity, and attestation of stored data...

CVE-2023-31073 WordPress Shortcode to display post and user data plugin <= 1.2.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in Jose Vega Display custom fields in the frontend – Post and User Profile Fields shortcode-to-display-post-and-user-data allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Display custom fields in the frontend – Post and...

CVE-2017-9711 Permissions, Privileges, and Access Controls in Data

Certain unprivileged processes are able to perform IOCTL calls...

CVE-2023-29066

The FACSChorus software does not properly assign data access privileges for operating system user accounts. A non-administrative OS account can modify information stored in the local application data folders...

CVE-2023-1832 Improper authorization check in the server component

An improper access control flaw was found in Candlepin. An attacker can create data scoped under another customer/tenant, which can result in loss of confidentiality and availability for the affected customer/tenant...

Microsoft achieves first native Cloud Data Management Capabilities certification

Today, Microsoft announced the successful completion of the Cloud Data Management Capabilities CDMC 14 Key Controls and Automations certification, conducted by Accenture and Avanade, accelerating the industry’s move to the cloud. The 14 Key Controls and Automations are a part of the EDM Council’s...

CVE-2021-40005

The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2021-40005

The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality...

Design/Logic Flaw

The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2021-40005

The distributed data service component has a vulnerability in data access control. Successful exploitation of this vulnerability may affect data confidentiality...

CVE-2021-40005

The CVE-2021-40005 entry concerns Huawei HarmonyOS Wearables: the distributed data service component has an improper access control vulnerability that can lead to data confidentiality loss. Public references list affected software as the distributed data service within HarmonyOS Wearables, with d...

PT-2022-11129 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: Distributed data service affected versions not specified Description: The issue is related to a vulnerability in data access control within the distributed data service component. This could potentially impact data confidentiality if...