Google Android Illegal Authorization Vulnerability (CNVD-2025-0599078)

Google Android is a Linux-based open source operating system from Google. Google Android Illegal Authorization Vulnerability, the vulnerability stems from the removal of incorrect permission flags, resulting in a user's local privileges being elevated. An attacker can exploit the vulnerability fo...

Lunary Illegal Authorization Vulnerability

lunary is lunary open source a production toolkit for LLM . An illegal authorization vulnerability exists in lunary, which stems from the presence of an incorrect authorization vulnerability that allows an unprivileged user to regenerate a private key for an item to which they do not have access...

Google Android 安全漏洞

Google Android is a Linux-based open source operating system from Google. Google Android Illegal Authorization Vulnerability, the vulnerability stems from the removal of incorrect permission flags, resulting in a user's local privileges being elevated. An attacker can exploit the vulnerability fo...

Lunary 安全漏洞

lunary is lunary open source a production toolkit for LLM . An illegal authorization vulnerability exists in lunary, which stems from the presence of an incorrect authorization vulnerability that allows an unprivileged user to regenerate a private key for an item to which they do not have access...

Mattermost Illegal Authorization Vulnerability

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an illegal authorization vulnerability that stems from the Jira plugin's inability to check the security level of incoming issues when processing subscriptions and to restrict...

Mattermost 安全漏洞

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from an illegal authorization vulnerability that stems from the Jira plugin's inability to check the security level of incoming issues when processing subscriptions and to restrict...

Couchbase Server 安全漏洞

Couchbase Server is a distributed open source NoSQL non-relational database from Couchbase, Inc. that primarily supports data querying, full-text search, and active global replication. versions of Couchbase Server prior to 7.1 contain an illegal authorization vulnerability that could be exploited...

Authentication flaw

ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click...

CVE-2021-21745

ZTE MF971R product has a Referer authentication bypass vulnerability. Without CSRF verification, an attackercould use this vulnerability to perform illegal authorization operations by sending a request to the user to click...

Cross site request forgery (csrf)

Some ZTE products have CSRF vulnerability. Because some pages lack CSRF random value verification, attackers could perform illegal authorization operations by constructing messages.This affects: ZXHN H168N V3.5.0EG1T5TE, V2.5.5, ZXHN H108N V2.5.5BTMT1...

CVE-2021-21729

The CVE-2021-21729 entry describes a CSRF vulnerability in ZTE router models ZXHN H168N (V3.5.0_EG1T5_TE, V2.5.5) and ZXHN H108N (V2.5.5_BTMT1). Root cause: pages lack CSRF random value verification, enabling an attacker to perform unauthorized operations by crafting messages. Affected products a...