2 matches found
Improper Authorization
Overview potsky/pimp-my-log is a Log viewer for your web server. Affected versions of this package are vulnerable to Improper Authorization via the Account Creation Endpoint. An attacker can gain unauthorized administrative access and execute arbitrary JavaScript by exploiting the unsanitized...
CVE-2025-3831
CVE-2025-3831 affects Check Point Harmony SASE agent. The root cause was a shared SFTP key embedded in the software with read/list permissions, granting broader access than intended to log files uploaded during troubleshooting. This could allow unauthorized parties to access logs (potentially inc...