38 matches found
CVE-2026-22814 Mass Assignment in AdonisJS Lucid Allows Overwriting Internal ORM State
@adonisjs/lucid is an SQL ORM for AdonisJS built on top of Knex. Prior to 21.8.2 and 22.0.0-next.6, there is a Mass Assignment vulnerability in AdonisJS Lucid which may allow a remote attacker who can influence data that is passed into Lucid model assignments to overwrite the internal ORM state...
EUVD-2023-1024
Malicious code in bioql PyPI...
Improper Access Control
ezsystems and ibexa/core are vulnerable to Improper Access Control. A remote attacker is able to bypass permissions and access unauthorized content due to faulty policy logic which doesn't limit the access to contents based on specific object state values...
Access control issue in ezsystems/ezpublish-kernel
Access control based on object state is mishandled. This is a policy you can use in your roles to limit access to content based on specific object state values. Due to a flawed earlier update, these limitations were ineffective in releases made since February 16th 2022. They would grant access to...
GHSA-H5V2-WRHP-5V35 Access control issue in ezsystems/ezpublish-kernel
Access control based on object state is mishandled. This is a policy you can use in your roles to limit access to content based on specific object state values. Due to a flawed earlier update, these limitations were ineffective in releases made since February 16th 2022. They would grant access to...
CVE-2022-48367
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled...
Design/Logic Flaw
An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object state is mishandled...
SUSE CVE-2015-0820
Mozilla Firefox before 36.0 does not properly restrict transitions of JavaScript objects from a non-extensible state to an extensible state, which allows remote attackers to bypass a Caja Compiler sandbox protection mechanism or a Secure EcmaScript sandbox protection mechanism via a crafted web...
Object state limitation has no effect
Object state limitation is a policy you can use in your roles to limit access to content based on specific object state values. Due to a flawed earlier update, these limitations were ineffective in releases made since February 16th 2022. They would grant access to the given content regardless of...
GHSA-W8QP-HMH5-4V9V Object state limitation has no effect
Object state limitation is a policy you can use in your roles to limit access to content based on specific object state values. Due to a flawed earlier update, these limitations were ineffective in releases made since February 16th 2022. They would grant access to the given content regardless of...
GHSA-GVJ8-4CJ4-H776 Object state limitation has no effect
Object state limitation is a policy you can use in your roles to limit access to content based on specific object state values. Due to a flawed earlier update, these limitations were ineffective in releases made since February 16th 2022. They would grant access to the given content regardless of...
GHSA-5X4F-7XGQ-R42X Object state limitation has no effect
Object state limitation is a policy you can use in your roles to limit access to content based on specific object state values. Due to a flawed earlier update, these limitations were ineffective in releases made since February 16th 2022. They would grant access to the given content regardless of...
PT-2023-15742
Name of the Vulnerable Software and Affected Versions: eZ Publish Ibexa Kernel versions prior to 7.5.28. Description: An issue was discovered where access control based on object state is mishandled. This issue affects a policy used in roles to limit access to content based on specific object state...
Mozilla: Script Execution during invalid object state
The Mozilla Foundation Security Advisory describes this flaw as: When a worker was shut down, it was possible to cause the script to run late in the lifecycle, at a point where it should not be possible...