18 matches found
EUVD-2020-29096
Malware in sbrugna...
EUVD-2021-2577
Malware in sbrugna...
EUVD-2021-23710
Malware in sbrugna...
EUVD-2023-2892
Malicious code in bioql PyPI...
EUVD-2025-31325
Malicious code in bioql PyPI...
CVE-2025-10871
An issue has been discovered in GitLab EE affecting all versions from 16.6 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1. Project Maintainers can exploit a vulnerability where they can assign custom roles to users with permissions exceeding their own, effectively granting themselves...
CVE-2025-10871
An issue has been discovered in GitLab EE affecting all versions from 16.6 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1. Project Maintainers can exploit a vulnerability where they can assign custom roles to users with permissions exceeding their own, effectively granting themselves...
CVE-2025-10871
Removed by vendor...
CVE-2025-10871 Missing Authorization in GitLab
An issue has been discovered in GitLab EE affecting all versions from 16.6 before 18.2.7, 18.3 before 18.3.3, and 18.4 before 18.4.1. Project Maintainers can exploit a vulnerability where they can assign custom roles to users with permissions exceeding their own, effectively granting themselves...
CVE-2021-37134
Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components...
CVE-2021-37134
Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components...
CVE-2021-37134
Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components...
Race condition
Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components...
CVE-2021-37134
Location-related APIs exists a Race Condition vulnerability.Successful exploitation of this vulnerability may use Higher Permissions for invoking the interface of location-related components...
CVE-2021-37134
CVE-2021-37134 affects HarmonyOS where a race condition in location-related APIs could allow a process to invoke interfaces with higher permissions. The available descriptions identify the vulnerability as a race condition in location components, enabling elevated access, but do not provide produ...
Nextcloud Server < 17.0.8, 18.x < 18.0.7, 19.0.0 Privilege Escalation Vulnerability (NC-SA-2020-029)
Nextcloud Server is prone to a privilege escalation vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Design/Logic Flaw
An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions...
[20180501] - Core - ACL violation in access levels
Inadequate checks allowed users to modify the access levels of user groups with higher permissions...