45 matches found
Google Pixel 安全漏洞
The Google Pixel is a smartphone produced by Google Inc. The Google Pixel has a security vulnerability, which stems from memory corruption in the usimSendMCCMNCIndMsg function, leading to out-of-bounds writes and potentially allowing for elevation of physical permissions...
CVE-2025-14604
IBM Storage Scale IBM S through rage Scale 5.2.3.0 - 5.2.3.5, and IBM S through rage Scale 6.0.0.0 - 6.0.0.1 could allow a local user to unintentionally trigger additional permissions for resources in a way that allows that resource to be executed by unintended actors...
CVE-2026-27112
Kargo manages and automates the promotion of software artifacts. From 1.7.0 to before v1.7.8, v1.8.11, and v1.9.3, the batch resource creation endpoints of both Kargo's legacy gRPC API and newer REST API accept multi-document YAML payloads. Specially crafted payloads can manifest a bug present in...
Apache NiFi 安全漏洞
Apache NiFi is a data processing and distribution system developed by the Apache Foundation in the United States. This system is primarily used for data routing, transformation, and intermediate logic within the system. There are security vulnerabilities in Apache NiFi versions 1.1.0 to 2.7.2...
immich security vulnerability
immich is a high-performance, open-source self-hosted solution for managing photos and videos. Versions of immich prior to 2.5.0 contained security vulnerabilities. These vulnerabilities stemmed from the fact that API keys could elevate their own permissions by calling the update endpoint, allowi...
EUVD-2025-202594
Form.io is a combined Form and API platform for Serverless applications. Versions 3.5.6 and below and 4.0.0-rc.1 through 4.4.2 contain a flaw in path handling which could allow an attacker to access protected API endpoints by sending a crafted request path. An unauthenticated or unauthorized...
CVE-2025-53939
Kiteworks is a private data network PDN. Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevate another user's permissions on the share. This issue has been patched in version 9.1.0...
CVE-2025-53939 Kiteworks Core is vulnerable to Improper Input Validation
Kiteworks is a private data network PDN. Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevate another user's permissions on the share. This issue has been patched in version 9.1.0...
CVE-2025-53939 Kiteworks Core is vulnerable to Improper Input Validation
Kiteworks is a private data network PDN. Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevate another user's permissions on the share. This issue has been patched in version 9.1.0...
CVE-2025-53939
Kiteworks Core (PDN) prior to version 9.1.0 contains an input validation flaw when managing roles on a shared folder, which could allow elevation of another user’s permissions on that share. The issue is fixed in version 9.1.0. Exploitation details are not provided in the available documents.
CVE-2025-53939 Kiteworks Core is vulnerable to Improper Input Validation
Kiteworks is a private data network PDN. Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevate another user's permissions on the share. This issue has been patched in version 9.1.0...
PT-2025-48362
Kiteworks is a private data network PDN. Prior to version 9.1.0, improper input validation when managing roles of a shared folder could lead to unexpectedly elevate another user's permissions on the share. This issue has been patched in version 9.1.0...
EUVD-2019-0877
Malware in sbrugna...
EUVD-2018-2580
Malware in sbrugna...
EUVD-2019-17021
Malware in sbrugna...
EUVD-2021-20864
Malware in sbrugna...
EUVD-2021-22581
Malware in sbrugna...
EUVD-2019-7569
Malware in sbrugna...
EUVD-2022-32150
Malicious code in bioql PyPI...
EUVD-2023-12960
Malicious code in bioql PyPI...