OpenClaw's owner-only gateway tool access checks were incomplete in specific authenticated DM flows

Summary In authenticated non-owner DM sessions, a narrow tool-invocation path could reach broader-than-intended owner-only gateway actions. Impact This requires an authenticated non-owner sender in a DM session and a specific tool invocation path. No unauthenticated access is involved, and this...

EUVD-2023-58485

Malicious code in bioql PyPI...

OSI Stack Redesign for Quantum Networks: Requirements, Technologies, Challenges, and Future Directions

Quantum communication is poised to become a foundational element of next-generation networking, offering transformative capabilities in security, entanglement-based connectivity, and computational offloading. However, the classical OSI model-designed for deterministic and error-tolerant...

CVE-2023-6239

Under rare conditions, the effective permissions of an object might be incorrectly calculated if the object has a specific configuration of metadata-driven permissions in M-Files Server versions 23.9, 23.10, and 23.11 before 23.11.13168.7, potentially enabling unauthorized access to the object...

CVE-2023-6239

Under rare conditions, the effective permissions of an object might be incorrectly calculated if the object has a specific configuration of metadata-driven permissions in M-Files Server versions 23.9, 23.10, and 23.11 before 23.11.13168.7, potentially enabling unauthorized access to the object...

Design/Logic Flaw

Under rare conditions, the effective permissions of an object might be incorrectly calculated if the object has a specific configuration of metadata-driven permissions in M-Files Server versions 23.9, 23.10, and 23.11 before 23.11.13168.7, potentially enabling unauthorized access to the object...

CVE-2023-6239 Incorrect calculation of effective permissions

Under rare conditions, the effective permissions of an object might be incorrectly calculated if the object has a specific configuration of metadata-driven permissions in M-Files Server versions 23.9, 23.10, and 23.11 before 23.11.13168.7, potentially enabling unauthorized access to the object...

PT-2023-32573 · M Files · M-Files Server

Name of the Vulnerable Software and Affected Versions: M-Files Server versions 23.9 through 23.11 before 23.11.13168.7 Description: The issue arises under rare conditions when an object in M-Files Server has a specific configuration of metadata-driven permissions, potentially leading to incorrect...

M-Files Server Security Vulnerability

M-Files Server is a server for the M-Files system from M-Files, Inc. A security vulnerability exists in versions prior to M-Files Server 23.11.13168.7 that stems from an incorrectly computed valid privilege that may produce incorrect results if metadata-driven permissions are used in a particular...