7 matches found
EUVD-2025-0111
Malicious code in bioql PyPI...
zot security vulnerability
zot is an OCI image registry open-sourced by The zot Project. A security vulnerability exists in versions prior to zot 2.1.2, which stems from a conflict in the configuration file, where any authorized zot configuration that relies on group-based authorization does not honor group...
CVE-2021-21411
OAuth2-Proxy is an open source reverse proxy that provides authentication with Google, GitHub or other providers. The --gitlab-group flag for group-based authorization in the GitLab provider stopped working in the v7.0.0 release. Regardless of the flag settings, authorization wasn't restricted...
CVE-2021-21411
OAuth2-Proxy suffered a vulnerability where the --gitlab-group flag for GitLab-group-based authorization stopped working in v7.0.0. Regardless of the flag, authorization wasn’t restricted and an authenticated user’s groups were added to X-Forwarded-Groups upstream. A bug caused the user session’s...
Information Disclosure
Moodle is vulnerable to information disclosure. Authenticated attackers can read rating values to obtain sensitive information. This happens because it mishandles group-based authorization checks...
CVE-2015-5268
The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 mishandles group-based authorization checks, which allows remote authenticated users to obtain sensitive information by reading a rating value...
CVE-2015-5268
The rating component in Moodle through 2.6.11, 2.7.x before 2.7.10, 2.8.x before 2.8.8, and 2.9.x before 2.9.2 mishandles group-based authorization checks, which allows remote authenticated users to obtain sensitive information by reading a rating value...