CVE-2025-63783

A Broken Object Level Authorization BOLA vulnerability was discovered in the tRPC project mutation APIs update, delete, add/remove tag of the Onlook web application 0.2.32. The vulnerability exists because the API fails to verify the ownership or membership of the currently authenticated user for...

EUVD-2019-2220

Malware in sbrugna...

The vulnerability of the PCMan FTP Server relates to the occurrence of operations beyond the buffer boundaries in memory. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the PCMan FTP Server relates to the execution of operations beyond the buffer boundaries during the processing of the mget parameter. Exploiting this vulnerability allows a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected...

The vulnerability of the UpdateOpcSettings method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, allowing a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the UpdateOpcSettings method in the software for managing and monitoring removed objects in telemetry and telemechanics systems, such as the TeleControl Server Basic, is related to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allo...

PT-2023-6779 · Аврора · Аврора

Name of the Vulnerable Software and Affected Versions: Аврора affected versions not specified Description: The issue is related to a flaw in the notification mechanism of the Аврора operating system, specifically concerning insufficient permission control for applications sending notifications...

The vulnerability of the cbstream.sys component of the Carbon Black monitoring system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the cbstream.sys component of the Carbon Black monitoring system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected information by interacting wi...

The vulnerability of the system call in the TrustZone of the Android CAF-release operating system allows a perpetrator to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the TrustZone system call in the Android CAF-release operating system arises from the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of the protected...

Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the linux-headers-2.6.18-5-sparc64 package of the Debian GNU/Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the gitk package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the OpenSUSE operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the ndiswrapper-kmp-xenpae package of the OpenSUSE operating system can lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Red Hat Enterprise Linux operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the abrt-desktop-2.0.8 package of the Red Hat Enterprise Linux operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited locally...