7341 matches found
CVE-2025-55301
The Scratch Channel CVE-2025-55301 affects version 1 of The Scratch Channel (the news site) where localStorage can be manipulated via the browser DevTools to edit the account username locally. This is a client-side storage integrity issue occurring in version 1; it was addressed in version 1.1. T...
PT-2025-34671 · Unknown · Scratch Channel
Name of the Vulnerable Software and Affected Versions: The Scratch Channel version 1 The Scratch Channel version 1.1 Description: The application allows modification of the account's username locally by accessing local storage through the developer tools. Recommendations: Update to version 1.1...
Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware
A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer's network with custom malware and deploying a kill switch that locked out employees when his account was disabled. Davis Lu, 55, of Houston, Texas, wa...
Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect Rational Business Developer
Summary There are multiple vulnerabilities in IBM Semeru Runtime used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Semeru Runtime Quarterly CPU - Oct 2024 - Includes OpenJDK July 2024 CPU plu...
Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect Rational Business Developer
Summary There are multiple vulnerabilities in IBM Semeru Runtime used by Rational Business Developer. Rational Business Developer has provided fixes for the applicable CVEs. These issues were disclosed as part of the IBM Semeru Runtime Quarterly CPU - Apr 2025 - Includes OpenJDK April 2025 CPU pl...
PandoraNext-TokensTool 安全漏洞
PandoraNext-TokensTool is a management software for PandoraNext by Clivia Personal Developer! A security vulnerability exists in PandoraNext-TokensTool version 0.6.8 and earlier, which stems from the ability to bypass authentication to access the API...
CVE-2025-31714
In Developer Tools, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed...
Open-Shop 安全漏洞
Open-Shop is a small program mall by a Chinese old-peanut individual developer. A security vulnerability exists in Open-Shop 1.0.0 and earlier versions, which stems from vulnerability to cross-site request forgery attacks that could lead to access to sensitive information...
Important: Red Hat Security Advisory: Red Hat Developer Hub 1.7.0 release.
Red Hat Developer Hub 1.7.0 has been released. Red Hat Developer Hub RHDH is Red Hat's enterprise-grade, self-managed, customizable developer portal based on Backstage.io. RHDH is supported on OpenShift and other major Kubernetes clusters AKS, EKS, GKE. The core features of RHDH include a single...
CVE-2025-5417
An insufficient access control vulnerability was found in the Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespace, can access the rhdh/rhdh-hub-rhel9 container...
CVE-2025-5417 Rhdh: red hat developer hub user permissions
An insufficient access control vulnerability was found in the Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespace, can access the rhdh/rhdh-hub-rhel9 container...
CVE-2025-5417
An insufficient access control vulnerability was found in the Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image. The Red Hat Developer Hub cluster admin/user, who has standard user access to the cluster, and the Red Hat Developer Hub namespace, can access the rhdh/rhdh-hub-rhel9 container...
PT-2025-33706 · Red Hat · Red Hat Developer Hub Rhdh/Rhdh-Hub-Rhel9
Name of the Vulnerable Software and Affected Versions: Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image affected versions not specified Description: An insufficient access control issue exists in the Red Hat Developer Hub rhdh/rhdh-hub-rhel9 container image. A cluster admin/user with...
HUSTOJ 安全漏洞
HUSTOJ is a popular OJ system by the individual developer Zhang Haobin zhblue in China. A security vulnerability exists in HUSTOJ version 2025-01-31, which stems from parameter injection and could lead to cross-site scripting attacks...
Red Hat Developer Hub 安全漏洞
Red Hat Developer Hub is an enterprise-grade, internal developer platform from Red Hat USA. A security vulnerability exists in Red Hat Developer Hub that stems from insufficient access control and could lead to a cluster administrator modifying the contents of a mirror...
CVE-2025-31714
In Developer Tools, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed...
CVE-2025-31714
In Developer Tools, there is a possible missing verification incorrect input. This could lead to local escalation of privilege with no additional execution privileges needed...
CVE-2025-31714
CVE-2025-31714 concerns a missing input verification vulnerability in the Developer Tools component of UNISOC chipsets. The flaw enables local privilege escalation without requiring additional execution privileges. Connected sources corroborate the issue's nature (missing input validation) and lo...
PT-2025-33625 · Unknown · Developer Tools
Name of the Vulnerable Software and Affected Versions: Developer Tools affected versions not specified Description: A missing input verification flaw exists in Developer Tools. This issue could allow for local escalation of privilege without requiring additional execution privileges...
WordPress School Management Plugin <= 93.2.0 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Nguyen Kim Sang in WordPress Plugin School Management versions = 93.2.0...