Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization due to a misconfigured NetworkPolicy. An attacker can gain unauthorized access to resources in other namespaces by exploiting the overly permissive network policy configuration. Workaround This vulnerability can ...

EUVD-2025-21563

Malicious code in bioql PyPI...

F5 BIG-IP APM 安全漏洞

F5 BIG-IP APM is a suite of access and security solutions from F5 USA. The product provides unified access to business-critical applications and networks. A security vulnerability exists in F5 BIG-IP APM that stems from configuring network access without properly handling specific traffic, which...

CVE-2025-49831

An attacker of Secrets Manager, Self-Hosted installations that route traffic from Secrets Manager to AWS through a misconfigured network device can reroute authentication requests to a malicious server under the attacker’s control. CyberArk believes there to be very few installations where this...

Server Side Request Forgery

miniflare is vulnerable to Server Side Request Forgery. The vulnerability is caused due to a configuration which listens to requests from external network interfaces . As a result of this configuration, an attacker can access local servers by sending specially crafted Websocket requests to the...

Google Android System Information Disclosure Vulnerability (CNVD-2019-31033)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. System is one of the system components. There is an information disclosure vulnerability in System in Android Q. The vulnerability arises from errors in the configuration of a networked...