CVE-2024-56323

OpenFGA Open Authorization Engine (versions v1.3.8–v1.8.2; Helm openfga-0.1.38–0.2.19; docker 1.3.8–1.8.2) contains a critical authorization bypass vulnerability (CVE-2024-56323). Root cause: when a model uses conditions and contextual tuples are provided in Check or ListObjects calls, and OPENFG...

CVE-2024-56323 OpenFGA Authorization Bypass

OpenFGA is an authorization/permission engine. IN OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass under the following conditions: 1. calling Check API or ListObjects with a model that uses conditions, and 2...

GHSA-32Q6-RR98-CJQV OpenFGA Authorization Bypass

Overview OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Am I Affected? You are affected by this authorization bypass vulnerability if you are using OpenFGA...

OpenFGA Authorization Bypass

Overview OpenFGA v1.3.8 to v1.8.2 Helm chart openfga-0.1.38 to openfga-0.2.19, docker v1.3.8 to v.1.8.2 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Am I Affected? You are affected by this authorization bypass vulnerability if you are using OpenFGA...

CVE-2025-21593

Summary (supported by provided documents): CVE-2025-21593 is an improper resource lifecycle control vulnerability in Juniper Junos OS and Junos OS Evolved dengan rpd, exploitable by an unauthenticated network attacker on devices with SRv6 enabled. The attacker can send malformed BGP UPDATE packet...

U.S. Dept Of Defense: ASP.NET Application Trace Enabled

The ASP.NET application trace feature was enabled on a public-facing URL, which exposed sensitive internal information, including Session ID values and the physical file paths of server-side resources. This vulnerability could have allowed attackers to gain unauthorized insights into the server...

PT-2025-1009 · Juniper Networks · Junos Evolved +1

Name of the Vulnerable Software and Affected Versions: Junos OS versions 21.2R3-S8 through 21.2R3-S9 Junos OS versions 21.4R3-S7 through 21.4R3-S9 Junos OS versions 22.2R3-S4 through 22.2R3-S5 Junos OS versions 22.3R3-S2 through 22.3R3-S4 Junos OS versions 22.4R3 through 22.4R3-S5 Junos OS versio...

OneDev Unauthenticated Arbitrary File Read

This module exploits an unauthenticated arbitrary file read vulnerability CVE-2024-45309, which affects OneDev versions use auxiliary/gather/onedevarbitraryfileread msf auxiliaryonedevarbitraryfileread show actions ...actions... msf auxiliaryonedevarbitraryfileread set ACTION msf...

CVE-2025-21611 tgstation-server's role authorization incorrectly OR'd with user's enabled status

tgstation-server is a production scale tool for BYOND server management. Prior to 6.12.3, roles used to authorize API methods were incorrectly OR'd instead of AND'ed with the role used to determine if a user was enabled. This allows enabled users access to most, but not all, authorized actions...

CVE-2025-21611

CVE-2025-21611 affects tgstation-server (BYOND server management). Before version 6.12.3, the authorization check for API methods used OR between the user-enabled status and the role, instead of AND. This error allowed enabled users to access most authorized actions regardless of their permission...

bind9: Preparing an NSEC3 closest encloser proof can exhaust CPU resources

A flaw was found in bind9. By flooding a DNSSEC resolver with responses coming from a DNSEC-signed zone using NSEC3, an attacker can lead the targeted resolver to a CPU exhaustion, further leading to a Denial of Service on the targeted host. This vulnerability applies only for systems where DNSSE...

bind9: KeyTrap - Extreme CPU consumption in DNSSEC validator

Processing specially crafted responses coming from DNSSEC-signed zones can lead to uncontrolled CPU usage, leading to a Denial of Service in the DNSSEC-validating resolver side. This vulnerability applies only for systems where DNSSEC validation is enabled...

USN-7181-1 salt vulnerability

It was discovered that Salt incorrectly handled web requests when the SSH client was enabled. An attacker could possibly use this issue to achieve remote code execution or obtain sensitive information...

PT-2025-4299 · Unknown · Tgstation-Server

Name of the Vulnerable Software and Affected Versions: tgstation-server versions prior to 6.12.3 Description: The issue concerns improper role authorization in tgstation-server, a production-scale tool for BYOND server management. Prior to version 6.12.3, roles used to authorize API methods were...

CVE-2024-11184

The CVE-2024-11184 issue affects the wp-enable-svg WordPress plugin, specifically versions 0.7 and earlier, where uploaded SVG files are not sanitized. The underlying vulnerability enables stored XSS, with exploitation possible by users with author-level access or higher, potentially delivering m...

PT-2025-39834

Name of the Vulnerable Software and Affected Versions VMware Aria Operations and VMware Tools versions prior to fixes available since October 2024 open-vm-tools versions prior to 2:11.3.0-2ubuntu0ubuntu20.04.8+esm1 VMware Cloud Foundation 4.x and 5.x, 9.xxx, 13.xxx vSphere Foundation 9.xxx, 13.xx...

PT-2025-36318

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to the 8250 serial driver. When the PSLVERR RESP EN parameter is set to 1, the device can generate an error response when attempting to read an...

GHSA-WGQQ-9QH8-WVQV OpenShift Hive RCE through AWS/Kubernetes client configuration leads to privilege escalation

A flaw was found in the Hive ClusterDeployments resource in OpenShift Dedicated. In certain conditions, this issue may allow a developer account on a Hive-enabled cluster to obtain cluster-admin privileges by executing arbitrary commands on the hive/hive-controllers pod...

CVE-2024-56620

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: qcom: Only free platform MSIs when ESI is enabled Otherwise, it will result in a NULL pointer dereference as below: Unable to handle kernel NULL pointer dereference at virtual address 0000000000000008 Call trace:...

CVE-2024-56647

In the Linux kernel, the following vulnerability has been resolved: net: Fix icmp host relookup triggering iprtbug arp link failure may trigger iprtbug while xfrm enabled, call trace is: WARNING: CPU: 0 PID: 0 at net/ipv4/route.c:1241 iprtbug+0x14/0x20 Modules linked in: CPU: 0 UID: 0 PID: 0 Comm...