91 matches found

Snyk
added 2026/05/06 2:25 p.m. (2 views)

Access Control Bypass

Overview: flowise is a Flowiseai Server. Affected versions of this package are vulnerable to Access Control Bypass via the POST /api/v1/account/login and POST /api/v1/account/invite endpoints. An attacker can gain access to arbitrary bcrypt password hash, tempToken, and tokenExpiry, including...

CVSS 9.8 | AI score 6.1 | EPSS 0.32362
Exploits 14 | References 2
RedHat Linux
added 2026/04/29 12:41 p.m. (2 views)

ovn: OVN: Information disclosure via crafted DHCPv6 packets

A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds read can lead to the...

CVSS 8.6 | AI score 5.3 | EPSS 0.00022
Exploits 0 | References 4
ATTACKERKB
added 2026/04/22 4:08 p.m. (1 view)

CVE-2026-35367

The nohup utility in uutils coreutils creates its default output file, nohup.out, without specifying explicit restricted permissions. This causes the file to inherit umask-based permissions, typically resulting in a world-readable file (0644). In multi-user environments, this allows any user on the...

CVSS 3.3 | AI score 5.8 | EPSS 0.00012
Exploits 1 | References 2
CNNVD
added 2026/04/07 12:00 a.m. (2 views)

ChurchCRM security vulnerability

ChurchCRM is an open-source CRM system developed for churches. Versions of ChurchCRM prior to 7.1.0 contained security vulnerabilities. These vulnerabilities stemmed from authentication bypasses in the API middleware, allowing unverified attackers to access all protected API endpoints...

CVSS 9.1 | AI score 5.8 | EPSS 0.14971
Exploits 0 | References 1
CNNVD
added 2026/03/31 12:00 a.m. (3 views)

Nhost security vulnerability

Nhost is an open-source backend service platform developed by Nhost. Versions of Nhost prior to 1.41.0 contained security vulnerabilities. These vulnerabilities stemmed from the Nhost CLI MCP server, which, when explicitly configured to listen on network ports, did not apply inbound authenticatio...

CVSS 7.7 | AI score 5.8 | EPSS 0.00132
Exploits 1 | References 3
CNNVD
added 2026/03/24 12:00 a.m. (2 views)

IX-Ray Engine security vulnerability

IX-Ray Engine is a modern open-source game engine by the IX-Ray Team. Versions of IX-Ray Engine prior to 1.3 contained security vulnerabilities, which were caused by exposing sensitive information to unauthorized participants...

CVSS 5.3 | AI score 5.8 | EPSS 0.00058
Exploits 0 | References 1
CNNVD
added 2026/03/11 12:00 a.m. (2 views)

Splunk Enterprise information disclosure vulnerability

Splunk Enterprise is a data collection and analysis software developed by the American company Splunk. Versions of Splunk Enterprise prior to 10.2.0, 10.0.3 prior to version 10.0.3, 9.4.9 prior to version 9.3.10, as well as versions of Splunk Cloud Platform prior to 10.2.2510.5, 10.1.2507.16 prio...

CVSS 6.5 | AI score 5.8 | EPSS 0.00048
Exploits 0 | References 2
CNNVD
added 2026/03/06 12:00 a.m. (4 views)

Acronis Cyber Protect security vulnerability

Acronis Cyber Protect is an enterprise-oriented network protection solution developed by the Swiss company Acronis. It combines features such as backup, anti-malware, network security, and endpoint management (e.g., vulnerability assessment, URL filtering, patch management). Previous versions...

CVSS 6.5 | AI score 6.6 | EPSS 0.00016
Exploits 0 | References 1
Positive Technologies
added 2026/02/26 12:00 a.m. (3 views)

PT-2026-22072

Name of the Vulnerable Software and Affected Versions: Bitnami Sealed Secrets (affected versions not specified). Description: Bitnami Sealed Secrets is susceptible to a scope-widening attack during the secret rotation process via the /v1/rotate API endpoint. The rotation handler uses untrusted data fr...

CVSS 9.9 | AI score 6.9 | EPSS 0.07313
Exploits 68 | References 140
CNNVD
added 2026/02/11 12:00 a.m. (2 views)

Security vulnerability in multiple Apple products

Apple iOS is an operating system developed for mobile devices. Apple macOS is a specialized operating system developed for Mac computers. Apple iPadOS is an operating system for iPad tablets. An information disclosure vulnerability exists in multiple Apple products. The vulnerability is caused due ...

CVSS 5.5 | AI score 5.8 | EPSS 0.00015
Exploits 0 | References 6
Snyk
added 2026/01/26 10:48 p.m. (2 views)

Unintended Proxy or Intermediary ('Confused Deputy')

Overview: Affected versions of this package are vulnerable to Unintended Proxy or Intermediary ('Confused Deputy') due to the unsafe usage of the Kubernetes ExternalName type with the Ingress controller. An attacker can gain unauthorized access to internal services, leveraging the controller's network...

CVSS 8.6 | AI score 5.9 | EPSS 0.00044
Exploits 0 | References 2
NVD
added 2026/01/13 11:15 p.m. (2 views)

CVE-2022-50932

Kyocera Command Center RX ECOSYS M2035dn contains a directory traversal vulnerability that allows unauthenticated attackers to read sensitive system files by manipulating file paths under the /js/ path. Attackers can exploit the issue by sending requests like /js/../../../../.../etc/passwd%00.jpg...

CVSS 8.7 | EPSS 0.00461
Exploits 1 | References 3
EUVD
added 2025/12/10 6:30 p.m. (2 views)

EUVD-2025-202451

Jenkins Redpen - Pipeline Reporter for Jira Plugin has a path traversal vulnerability...

CVSS 4.3 | AI score 6.5 | EPSS 0.02585
Exploits 0 | References 3
NVD
added 2025/12/10 5:15 p.m. (2 views)

CVE-2025-67643

Jenkins Redpen - Pipeline Reporter for Jira Plugin 1.054.v7b9517b6b202 and earlier does not correctly perform path validation of the workspace directory while uploading artifacts to Jira, allowing attackers with Item/Configure permission to retrieve files present on the Jenkins controller workspa...

CVSS 4.3 | EPSS 0.02585
Exploits 0 | References 1
NVD
added 2025/12/04 10:15 p.m. (2 views)

CVE-2025-65900

Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation and excessive data exposure in the backend, an authenticated user with basic read permissions can retrieve sensitive information for all...

CVSS 6.5 | EPSS 0.00041
Exploits 3 | References 2
Microsoft CVE
added 2025/11/14 1:03 a.m. (3 views)

KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace

...

CVSS 5.5 | AI score 5.5 | EPSS 0.00042
Exploits 0
Positive Technologies
added 2025/11/04 12:00 a.m. (1 view)

PT-2025-44995

Name of the Vulnerable Software and Affected Versions: CanalDenuncia.app (affected versions not specified). Description: A lack of authorization exists in CanalDenuncia.app, potentially allowing an attacker to access other users' information. This is achieved by sending a POST request through the id...

CVSS 8.7 | AI score 6.4 | EPSS 0.00048
Exploits 0 | References 3
Cvelist
added 2025/10/22 4:30 p.m. (5 views)

CVE-2025-22177

Jira Align is vulnerable to an authorization issue. A low-privilege user can access unexpected endpoints that disclose a small amount of sensitive information. For example, a low-level user was able to view other team overviews...

CVSS 5.3 | EPSS 0.00037
Exploits 0 | References 1
CNNVD
added 2025/09/29 12:00 a.m. (2 views)

Vasion Print Virtual Appliance Host security vulnerability

Vasion Print Virtual Appliance Host is a print management software from Vasion USA. A security vulnerability exists in Vasion Print Virtual Appliance Host versions prior to 22.0.1026 that originates from an unauthenticated REST API endpoint exposing configuration files and plaintext passwords,...

CVSS 10 | AI score 7.8 | EPSS 0.00862
Exploits 1 | References 4
Cvelist
added 2025/09/12 2:22 a.m. (3 views)

CVE-2025-43788

The organization selector in Liferay Portal 7.4.0 through 7.4.3.124, and Liferay DXP 2024.Q1.1 through 2024.Q1.12 and 7.4 update 81 through update 85 does not check user permission, which allows remote authenticated users to obtain a list of all organizations...

CVSS 5.3 | EPSS 0.00075
Exploits 0 | References 1