CVE-2026-5146

CVE-2026-5146 targets Devolutions Server. The issue is improper access control in the notification management endpoints, allowing an unauthenticated attacker to modify or delete arbitrary user notification records due to missing session validation. Affected versions range from Devolutions Server ...

CVE-2026-5146

Improper access control in the notification management endpoints in Devolutions Server allows an unauthenticated attacker to modify or delete arbitrary user notification records via missing session validation. This issue affects the following versions : Devolutions Server 2026.1.6.0 through...

Devolutions Server 安全漏洞

Devolutions Server is an application system developed by the Canadian company Devolutions. It provides a fully functional solution for shared accounts and password management. There is a security vulnerability in Devolutions Server, which stems from improper access control in the notification...

rustfs 安全漏洞

RustFS is a high-performance object storage system developed by RustFS. Versions of RustFS prior to 1.0.0-alpha.94 contained security vulnerabilities. These vulnerabilities stemmed from a lack of authorization checks for administrator operations at the event notification target management API...

EUVD-2019-18782

Malware in sbrugna...

EUVD-2025-21883

Malicious code in bioql PyPI...

CVE-2025-46732

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.6.6, an IDOR vulnerability in the GrapQL NotificationLineNotificationMarkReadMutation and NotificationLineNotificationDeleteMutation mutations of OpenCTI allows an authenticated...

CVE-2025-46732

OpenCTI prior to 6.6.6 is affected by an IDOR in GraphQL mutations NotificationLineNotificationMarkReadMutation and NotificationLineNotificationDeleteMutation. An authenticated user can read, modify, or delete another user’s notifications if they know the notification UUID; changing read status m...

CVE-2021-1021

In snoozeNotificationInt of NotificationManagerService.java, there is a possible way to disable notification for an arbitrary user due to improper input validation. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for...

CVE-2019-9407

In notification management of the service manager, there is a possible permissions bypass. This could lead to local escalation of privilege by preventing user notification, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...

Stored XSS in Notification and Data Management

Description Please enter a description of the vulnerability. Proof of Concept 1. Go to a survey and to Settings = Notifications and data. 2. Turn off Inherit option for Send basic notification email to: or Send basic notification email to: 3. Enter the following payload: " and Save...

Connection Quality Indicator

Connection Quality Indicator Created: Feb 15, 2017 Updated: Oct 16, 2024 SHA 256 Checksum: c79d1dfdfe50b1386a334b4d78f78ced25eb61b8091a2bc8b33f9d9b9014dbd2 Please provide feedback or enhancement requests at https://forms.gle/TwWrKPT6J8u7GdKA6. Description The Connection Quality Indicator CQI is a...

CVE-2019-9407

In notification management of the service manager, there is a possible permissions bypass. This could lead to local escalation of privilege by preventing user notification, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...

CVE-2019-9407

In notification management of the service manager, there is a possible permissions bypass. This could lead to local escalation of privilege by preventing user notification, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...

CVE-2019-9407

In notification management of the service manager, there is a possible permissions bypass. This could lead to local escalation of privilege by preventing user notification, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions:...

CVE-2019-9407

CVE-2019-9407 affects the Android 10 Framework (notification management) and enables a local elevation of privilege by bypassing notification permissions, allowing a user-impacting privilege gain without user interaction. The issue is categorized as EoP with high impact (confidentiality, integrit...

CVE-2018-9276

An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability both on the server and on devices by sending malformed parameters in sensor or...

Design/Logic Flaw

core/emailapi.php in MantisBT before 1.2.12 does not properly manage the sending of e-mail notifications about restricted bugs, which might allow remote authenticated users to obtain sensitive information by adding a note to a bug before losing permission to view that bug...