20 matches found
CVE-2026-41670 Admidio: SAML Response Sent to Unvalidated Assertion Consumer Service URL from AuthnRequest
Admidio is an open-source user management solution. Prior to version 5.0.9, the SAML IdP implementation in Admidio's SSO module uses the AssertionConsumerServiceURL value directly from incoming SAML AuthnRequest messages as the destination for the SAML response, without validating it against the...
CVE-2026-36762
An issue in the fileEntityId parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations...
Open Redirect
Overview: admidio/admidio is a free open source user management system for websites of organizations and groups. Affected versions of this package are vulnerable to Open Redirect in the handleSSORequest process. An attacker can obtain sensitive user identity attributes and impersonate users by...
media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID
...
UBUNTU-CVE-2025-40016
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. Each Unit and Terminal within the video function is assigned a unique...
CVE-2025-40016
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. Each Unit and Terminal within the video function is assigned a unique...
CVE-2025-40016 media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. Each Unit and Terminal within the video function is assigned a unique...
CVE-2023-41336
ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. The problem has been fixed in symfony/ux-autocomplete version 2.11.2...
CVE-2024-55470
Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack of server-side validation exacerbates the...
Code injection
ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. The problem has been fixed in symfony/ux-autocomplete version 2.11.2...
CVE-2023-41336 Prevent injection of invalid entity ids for "autocomplete" fields in symfony ux-autocomplete
ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. The problem has been fixed in symfony/ux-autocomplete version 2.11.2...
Prevent injection of invalid entity ids for "autocomplete" fields
Impact: Under certain circumstances, an attacker could successfully submit an entity id for an EntityType that is not part of the valid choices. Affected applications are any that use: A custom querybuilder option to limit the valid results; AND An EntityType with 'autocomplete' = true or a custom...
PT-2023-27912 · Symfony · Symfony/Ux-Autocomplete
Name of the Vulnerable Software and Affected Versions: symfony/ux-autocomplete versions prior to 2.11.2 Description: The issue allows an attacker to submit an entity id for an EntityType that is not part of the valid choices under certain circumstances. This can occur in applications that use a...
Symfony UX Autocomplete Input Validation Error Vulnerability
Symfony UX Autocomplete is a Symfony open source JavaScript autocomplete feature for Symfony. An input validation error vulnerability exists in Symfony UX Autocomplete versions prior to 2.11.2. An attacker can exploit this vulnerability to successfully submit an invalid entity ID...
Authorization Bypass Through User-Controlled Key
Overview: Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via a crafted request sent to the /admin/users/userid/memberships/membershipid endpoint containing an additional membershipentityid parameter. This will allow an attacker to update the...
This Week in Spring - July 5th, 2022
Hi, Spring fans! Welcome to another installment of This Week in Spring! This week's all sorts of weird for me. It's Tuesday! But here in the US we just celebrated the 4th of July, and I, like many Americans, took a long weekend. Took some time with the family to do a little road trip up north to...
Valve: RCE on CS:GO client using unsanitized entity ID in EntityMsg message
Title: RCE on CS:GO client using unsanitized entity ID in EntityMsg message Scope: csgo.exe Weakness: Out-of-bounds Read Severity: Critical 9.6 Link: https://hackerone.com/reports/584603 Date: 2019-05-19 17:49:21 +0000 By: @chaynik Details: Vulnerability: CSVCMsg_EntityMsg message is...
New Relic: Ability to view monitor names of other NR accounts through internal API (v3) via "monitor_id" parameter
NR Alerts gives you the granularity to set alert conditions on an alert policy depending on the conditions you specify at the https://alerts.newrelic.com/accounts/ACCOUNTNUMBER/policies/POLICYID/conditions/new URL. When you select an entity for the condition, the application does not check to...
CVE-2015-4375
The Chaos tool suite ctools module 7.x-1.x before 7.x-1.7 for Drupal allows remote attackers to obtain sensitive node titles via (1) an autocomplete search on custom entities without an access query tag or (2) leveraging knowledge of the ID of an entity...
CVE-2015-4375
The CVE-2015-4375 vulnerability affects the Chaos tool suite (ctools) module for Drupal (7.x-1.x prior to 7.x-1.7 and 6.x-1.x prior to 6.x-1.12). It enables remote attackers to obtain sensitive node titles via two attack paths: (1) an autocomplete search on custom entities without an access query...