EUVD-2021-10295

Malware in sbrugna...

Linux Distros Unpatched Vulnerability : CVE-2021-23186

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to access and modify database...

CVE-2021-23186

A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to access and modify database contents of other tenants, in a multi-tenant system...

Missing Authorization

odoo is vulnerable to Missing Authorization. The vulnerability exists due to the issue in the sandboxing, which allows an attacker to access and modify the database contents of other tenants in a multi-tenant system...

Design/Logic Flaw

A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to access and modify database contents of other tenants, in a multi-tenant system...

UBUNTU-CVE-2021-23186

A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to access and modify database contents of other tenants, in a multi-tenant system...

CVE-2021-23186

CVE-2021-23186 affects Odoo: sandboxing/ACL flaw in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier. Authenticated administrators can read/modify database contents of other tenants in a multi-tenant setup. Consequences align with elevated access to tenant data. Public technic...

Tenancy multi-tenant open redirect vulnerability

Tenancy multi-tenant is an open source multi-domain controller. Tenancy multi-tenant suffers from an open redirection vulnerability that can be exploited by an attacker to redirect a user's site to any other site using a specially crafted URL...

CVE-2020-15137

All versions of HoRNDIS are affected by an integer overflow in the RNDIS packet parsing routines. A malicious USB device can trigger disclosure of unrelated kernel memory to userspace applications on the host, or can cause the kernel to crash. Kernel memory disclosure is especially likely on 32-b...

CVE-2020-15137 Integer overflow in HoRNDIS

All versions of HoRNDIS are affected by an integer overflow in the RNDIS packet parsing routines. A malicious USB device can trigger disclosure of unrelated kernel memory to userspace applications on the host, or can cause the kernel to crash. Kernel memory disclosure is especially likely on 32-b...