Lucene search
K

35 matches found

Vulnrichment
Vulnrichment
added 2026/04/09 9:26 p.m.5 views

CVE-2026-35617 OpenClaw < 2026.3.25 - Authorization Bypass via Group Policy Rebinding with Mutable Space displayName

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Google Chat group policy enforcement that relies on mutable space display names. Attackers can rebind group policies by changing or colliding space display names to gain unauthorized access to protected resources...

4.2CVSS5.8AI score0.00236EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/09 12:0 a.m.5 views

PT-2026-31756

OpenClaw before 2026.3.25 contains an authorization bypass vulnerability in Google Chat group policy enforcement that relies on mutable space display names. Attackers can rebind group policies by changing or colliding space display names to gain unauthorized access to protected resources...

4.2CVSS5.9AI score0.00236EPSS
Exploits0References5
NVD
NVD
added 2025/11/25 1:15 a.m.5 views

CVE-2025-64761

OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a privileged operator could use the identity group subsystem to add a root policy to a group identity group, escalating their or another user's permissions in the system. Specifically this is an issue when...

7.5CVSS0.00315EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2002-0441

Malware in sbrugna...

7.5CVSS6.4AI score0.12021EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-7628

Malware in sbrugna...

8.2CVSS8.1AI score0.00261EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2005-0546

Malware in sbrugna...

7.2CVSS6.4AI score0.01818EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-3172

Malware in sbrugna...

4.6CVSS6.4AI score0.01297EPSS
Exploits0References3
OSV
OSV
added 2025/05/29 7:25 p.m.7 views

CVE-2025-47288 Discourse Policy plugin private group members visible

Discourse Policy plugin gives the ability to confirm users have seen or done something. Prior to version 0.1.1, if there was a policy posted to a public topic that was tied to a private group then the group members could be shown to non-group members. This issue has been patched in version 0.1.1....

3.5CVSS6.6AI score0.00217EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/05/29 12:0 a.m.4 views

Discourse Policy 信息泄露漏洞

Discourse Policy is an open source plugin for Discourse that confirms that a user has seen or done something by alerting them. An information disclosure vulnerability exists in versions prior to Discourse Policy 0.1.1 that stems from not properly handling private group policies, which could lead ...

3.5CVSS5.9AI score0.00217EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/02/05 4:57 p.m.10 views

CVE-2019-17201

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. When a user requests elevation using the AdminByRequest.exe interface, the interface communicates with the underlying service...

9CVSS6.8AI score0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:56 p.m.17 views

CVE-2019-17202

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a...

8.2CVSS7AI score0.00261EPSS
Exploits0References1
Securelist
Securelist
added 2025/01/31 10:0 a.m.10 views

One policy to rule them all

Windows group policies are a powerful management tool that allows administrators to define and control user and computer settings within a domain environment in a centralized manner. While group policies offer functionality and utility, they are unfortunately a prime target for attackers. In...

7AI score
Exploits0
Citrix
Citrix
added 2024/05/10 12:0 a.m.8 views

Policy data may be lost when a CVAD site is upgraded from an older version to 2311 or 2402

Citrix group policies may fail to appear in Studio post upgrade to CVAD Versions 2311 or 2402, and on Citrix DaaS. VDAs that expect the missing policies to be applied may behave differently...

7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2024/04/09 7:21 p.m.30 views

Active Nitrogen campaign delivered via malicious ads for PuTTY, FileZilla

In the past couple of weeks, we have observed an ongoing campaign targeting system administrators with fraudulent ads for popular system utilities. The malicious ads are displayed as sponsored results on Googles search engine page and localized to North America. Victims are tricked into downloadi...

7AI score
Exploits0
Citrix
Citrix
added 2023/08/11 12:0 a.m.12 views

Some GPO's fail to apply when elastic layering is enabled

With Elastic Layering Apps Only enabled, gpupdate /force may report an error while applying some group policies...

7.1AI score
Exploits0
Citrix
Citrix
added 2023/07/20 12:0 a.m.11 views

How to restrict connections from clients\endpoints with specific versions of Citrix Workspace app

This article describes how to control connections to published applications or published desktops from specific versions of Citrix Workspace app for Windows. In the steps below, configure local group policies using the Windows Group Policy Object administrative template for Citrix Workspace app...

6.9AI score
Exploits0
Malwarebytes
Malwarebytes
added 2022/01/26 1:47 p.m.22 views

Windows Update has changed over the years. Here are 25 group policies to avoid

Microsoft has published a list of 25 group policies that administrators should not use in Windows 10 and Windows 11 as they do not provide optimal behavior or cause unexpected results. Since November 2015 when Windows 10 was first introduced, there have been many changes and some of them have...

1.4AI score
Exploits0
Kitploit
Kitploit
added 2021/02/06 11:30 a.m.143 views

GPOZaurr - Group Policy Eater Is A PowerShell Module That Aims To Gather Information About Group Policies

Group Policy Eater is a PowerShell module that aims to gather information about Group Policies but also allows fixing issues that you may find in them. Installing GPOZaurr requires RSAT installed to provide results. If you don't have them you can install them as below. Keep in mind it also instal...

7.1AI score
Exploits0References3
NVD
NVD
added 2020/01/23 3:15 p.m.30 views

CVE-2019-17202

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does not have direct access to the elevation feature through group policies, they are prompted to enter a PIN code in a...

8.2CVSS7.9AI score0.00261EPSS
Exploits0References2
NVD
NVD
added 2020/01/23 3:15 p.m.17 views

CVE-2019-17201

FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. When a user requests elevation using the AdminByRequest.exe interface, the interface communicates with the underlying service...

9CVSS7.9AI score0.00311EPSS
Exploits0References2
Rows per page
Query Builder