CVE-2026-47189 Quest Bot: AutoMod removal can delete rules from another guild by global rule ID

Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and deletes rules by global database ID without verifying that the rule belongs to the guild where the command is executed. A user can learn a victim...

BIT-CEPH-2021-20288

An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated...

EUVD-2020-26665

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-20288

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys,...

OESA-2022-1715 ceph security update

Ceph is a massively scalable, open-source, distributed storage system that runs on commodity hardware and delivers object, block and file system storage. Security Fixes: An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, ...

ceph: Unauthorized global_id reuse in cephx

An authentication flaw was found in ceph. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated with another user, as ceph...

ceph: Unauthorized global_id reuse in cephx

An authentication flaw was found in ceph. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated with another user, as ceph...

DEBIAN-CVE-2021-20288

An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated...

UBUNTU-CVE-2021-20288

An authentication flaw was found in ceph in versions before 14.2.20. When the monitor handles CEPHXGETAUTHSESSIONKEY requests, it doesn't sanitize otherkeys, allowing key reuse. An attacker who can request a globalid can exploit the ability of any user to request a globalid previously associated...

DEBIAN-CVE-2018-16476

A Broken Access Control vulnerability in Active Job versions = 4.2.0 allows an attacker to craft user input which can cause Active Job to deserialize it using GlobalId and give them access to information that they should not have. This vulnerability has been fixed in versions 4.2.11, 5.0.7.1,...