EUVD-2026-33904

An improper authorization vulnerability has been identified in Apache Kafka. The implementation of the CONSUMERGROUPDESCRIBE 69 API validates the DESCRIBE operation on the GROUP resource instead of the READ operation that documented in the official kafka documentation and the KIP-848. This...

EUVD-2014-8661

Malware in sbrugna...

CVE-2022-25318

An issue was discovered in Cerebrate through 1.4. An incorrect sharing group ACL allowed an unprivileged user to edit and modify sharing groups...

PT-2022-17206 · Cerebrate · Cerebrate

Name of the Vulnerable Software and Affected Versions: Cerebrate versions through 1.4 Description: An issue was discovered that allowed an unprivileged user to edit and modify sharing groups due to an incorrect sharing group ACL. Recommendations: For versions through 1.4, as a temporary workaroun...

CVE-2015-0610

Race condition in the object-group ACL feature in Cisco IOS 15.52T and earlier allows remote attackers to bypass intended access restrictions via crafted network traffic that triggers improper handling of the timing of process switching and Cisco Express Forwarding CEF switching, aka Bug ID...

CVE-2014-8831

securitytaskgate in Apple OS X before 10.10.2 allows attackers to read group-ACL-restricted keychain items of arbitrary apps via a crafted app with a signature from a 1 self-signed certificate or 2 Developer ID certificate...

CVE-2014-8831

CVE-2014-8831 affects Apple OS X prior to 10.10.2. The issue in security_taskgate allows reading group-ACL–restricted keychain items of arbitrary apps when a crafted app signs with a self-signed certificate or a Developer ID certificate. Impact is partial confidentiality. The vulnerability is add...

GLSA-200407-09 : MoinMoin: Group ACL bypass

The remote host is affected by the vulnerability described in GLSA-200407-09 MoinMoin: Group ACL bypass MoinMoin contains a bug in the code handling administrative group ACLs. A user created with the same name as an administrative group gains the privileges of the administrative group. Impact : I...

GLSA-200408-25 : MoinMoin: Group ACL bypass

The remote host is affected by the vulnerability described in GLSA-200408-25 MoinMoin: Group ACL bypass MoinMoin contains two unspecified bugs, one allowing anonymous users elevated access when not using ACLs, and the other in the ACL handling in the PageEditor. Impact : Restrictions on anonymous...

MoinMoin: Group ACL bypass

Background MoinMoin is a Python clone of WikiWiki, based on PikiPiki. Description MoinMoin contains a bug in the code handling administrative group ACLs. A user created with the same name as an administrative group gains the privileges of the administrative group. Impact If an administrative grou...