OpenClaw Access Control Error Vulnerability
OpenClaw is an artificial intelligence assistant open-sourced by OpenClaw. OpenClaw has an access control error vulnerability. The vulnerability stems from a mismatch between rawCommand and command in the node host system.run handler, which can be exploited by an attacker to cause the...
Authorization Bypass
github.com/openfga/openfga is vulnerable to authorization bypass. The vulnerability is due to incorrect permission evaluation when usersets and type-bound public access overlap without proper tuple assignments, allowing attackers unauthorized resource access or actions...
Quarkus HTTP vulnerable to incorrect evaluation of permissions
A flaw was found in Quarkus where HTTP security policies are not sanitizing certain character permutations correctly when accepting requests, resulting in incorrect evaluation of permissions. This issue could allow an attacker to bypass the security policy altogether, resulting in unauthorized...
Microsoft ASP.NET Application Folder Information Disclosure Vulnerability
Description: ASP.NET is prone to an information-disclosure vulnerability. This issue is due to a failure in the applications to properly validate user-supplied input. An attacker can exploit this issue to retrieve potentially sensitive information. Information retrieved may aid in further attacks...