36 matches found
BIT-AUTHENTIK-2023-26481 Insufficient user check in FlowTokens by Email stage
authentik is an open-source Identity Provider. Due to an insufficient access check, a recovery flow link that is created by an admin or sent via email by an admin can be used to set the password for any arbitrary user. This attack is only possible if a recovery flow exists, which has both an...
EUVD-2020-5577
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2020-13317
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4. An insufficient check in the GraphQL API allowed a maintainer to delete a...
Apple macOS Sequoia has an unspecified vulnerability (CNVD-2025-18409)
Apple macOS Sequoia is an operating system from the American company Apple. A security vulnerability exists in Apple macOS Sequoia that stems from an insufficient check and can be exploited by an attacker to cause a process memory leak when processing malicious images...
Fedora: Security Advisory (FEDORA-2025-66ebd291f8)
The remote host is missing an update for the...
CVE-2020-8180
A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by an administrator...
Apple macOS Security Vulnerability
Apple macOS is a suite of specialized operating systems developed for Mac computers by Apple (USA). A security vulnerability exists in Apple macOS that stems from an insufficient check that could cause an application to bypass ASLR...
Fedora: Security Advisory (FEDORA-2025-016ed44ddc)
The remote host is missing an update for the...
CVE-2023-44374
A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.0, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.0, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.0, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.0, SCALANCE...
Withdrawal requests do not check if the amount of unlockable CVX is sufficient for withdrawals
Lines of code. Vulnerability details. Bug Description: In AfEth.sol, whenever a user calls requestWithdraw to queue a withdrawal, the time that they can withdraw is determined by withdrawTime: AfEth.sol#L175-L176 function requestWithdraw(uint256 amount) external virtual { uint256 withdrawTimeBefore =...
Design/Logic Flaw
Insufficient check of preconditions could lead to Denial of Service conditions when calling commands on the Tbase server of B&R APROL versions R 4.2-07...
CVE-2022-43763
CVE-2022-43763 affects B&R APROL prior to R 4.2-07. The vulnerability is an insufficient check of preconditions in the Tbase server that can lead to a Denial of Service when commands are called. Affected component: Tbase server within APROL; affected versions: APROL
CVE-2022-31803
In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connectio...
Input validation
In CODESYS Gateway Server V2 an insufficient check for the activity of TCP client connections allows an unauthenticated attacker to consume all available TCP connections and prevent legitimate users or clients from establishing a new connection to the CODESYS Gateway Server V2. Existing connectio...
getCurrentPrice will return a higher value than expected due to insufficient check in isTimeValid
Lines of code. Vulnerability details. The Boolean value will always return true if start price is zero. The condition will be sufficiently fulfilled since a time will be set in the future but no time is set in the past or at current time: sumCurrentPrices uses the returned value of getCurrentPrice...
CVE-2021-26368
Insufficient check of the process type in Trusted OS (TOS) may allow an attacker with privileges to enable a lesser privileged process to unmap memory owned by a higher privileged process resulting in a denial of service...
CVE-2021-26368
CVE-2021-26368 is an AMD firmware/Trusted OS issue where insufficient process-type checking can allow a less-privileged process to unmap memory owned by a higher-privileged process, causing denial of service. The AMD advisory (AMD-SB-1027) and related CVE table map this to multiple AMD Ryzen plat...
Insufficient check on updateVestedTokens function
Handle: rfa. Vulnerability details. Impact: This function can be used by the beneficiary to update their vested token, however the function is callable by anyone, there is no check if the msg.sender/caller is the correct beneficiary, the only check is , but this check is user controllable, therefore...
JetBrains IntelliJ IDEA Local Code Execution Vulnerability
JetBrains IntelliJ IDEA is an integrated development environment for the Java language from the Czech company JetBrains. A local code execution vulnerability exists in JetBrains IntelliJ IDEA versions prior to 2020.3.3. The vulnerability stems from an insufficient check when the VCS fetches the project...