EUVD-2025-37318

When cache is enabled, some passdb/userdb drivers incorrectly cache all users with same cache key, causing wrong cached information to be used for these users. After cached login, all subsequent logins are for same user. Install fixed version or disable caching either globally or for the impacted...

IBM WebSphere Application Server Elevation of Privilege Vulnerability (CNVD-2018-26216)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. An elevation of privilege vulnerability exists in IBM WAS...

Drupal Core - Moderately Critical - Multiple Vulnerabilities - SA-CORE-2016-005

Description Inconsistent name for term access query Less critical - Drupal 7 and Drupal 8 Drupal provides a mechanism to alter database SELECT queries before they are executed. Contributed and custom modules may use this mechanism to restrict access to certain entities by implementing...

Debian DSA-3291-1 : drupal7 - security update

Several vulnerabilities were found in drupal7, a content management platform used to power websites. - CVE-2015-3231 Incorrect cache handling made private content viewed by 'user 1' exposed to other, non-privileged users. - CVE-2015-3232 A flaw in the Field UI module made it possible for attacker...

Design/Logic Flaw

The Kerberos credential renewal feature in Sun Solaris 8, 9, and 10, and OpenSolaris build snv01 through snv104, allows local users to cause a denial of service authentication failure via unspecified vectors related to incorrect cache file permissions, and lack of credential storage by the...