ELADMIN 安全漏洞

ELADMIN is a backend management system developed by elunez’s individual developer. Versions of ELADMIN 2.7 and earlier contained security vulnerabilities. These vulnerabilities stemmed from a vulnerability allowing arbitrary user password resets, which could lead to password resets at any user...

CVE-2020-10088

GitLab 12.5 through 12.8.1 has Insecure Permissions. Depending on particular group settings, it was possible for invited groups to be given the incorrect permission level...

BIT-MOODLE-2025-62395 Moodle: external cohort search service leaks system cohort data

A flaw in the cohort search web service allowed users with permissions in lower contexts to access cohort information from the system context, revealing restricted administrative data...

EUVD-2016-9249

Malware in sbrugna...

EUVD-2016-9317

Malware in sbrugna...

EUVD-2016-9254

Malware in sbrugna...

EUVD-2017-0886

Malware in sbrugna...

EUVD-2022-5623

Malicious code in bioql PyPI...

Matrix Rust SDK 安全漏洞

Matrix Rust SDK is an open source Rust-based Matrix client server development toolkit from The Matrix.org Foundation. A security vulnerability exists in versions of the Matrix Rust SDK prior to 0.14.1, which stems from a potential panic that could be triggered when dealing with permission levels ...

Linux Distros Unpatched Vulnerability : CVE-2017-0334

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An information disclosure vulnerability in the NVIDIA GPU driver could enable a local malicious application to access data outside of its permission levels. Thi...

CVE-2025-41365 Code injection vulnerability in IDF and ZLF

Code injection vulnerability in IDF v0.10.0-0C03-03 and ZLF v0.10.0-0C03-04. This vulnerability allows an attacker to store malicious payload in software that will run in the victim's browser. Exploiting this vulnerability requires authenticating to the device and executing certain commands that...

CVE-2020-11975

Apache Unomi allows conditions to use OGNL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process...

CVE-2023-27294

Improper neutralization of input during web page generation allows an authenticated attacker with access to a restricted account to submit malicious Javascript as the description for a calendar event, which would then be executed in other users' browsers if they browse to that event. This could...

CVE-2023-27294

Improper neutralization of input during web page generation allows an authenticated attacker with access to a restricted account to submit malicious Javascript as the description for a calendar event, which would then be executed in other users' browsers if they browse to that event. This could...

Huawei Data Communication: Configuring Secure User Authentication Modes and Permission Levels

Configure user rights in the user-interface VTY view. In password authentication mode, this permission is the actual login permission. In AAA authentication mode, this parameter takes effect if no user rights are configured on the AAA server. Configuring password authentication on the VTY is...

Information disclosure

An information disclosure vulnerability in Bluetooth component could enable a local malicious application to access data outside of its permission levels. This issue is rated as High because it is a general bypass for operating system protections that isolate application data from other...

CVE-2017-0647

An information disclosure vulnerability in libziparchive could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it could be used to access sensitive data without permission. Product: Android. Versions: 5.0.2, 5.1.1, 6.0,...

Information disclosure

An information disclosure vulnerability in the Synaptics touchscreen driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

Information disclosure

An information disclosure vulnerability in the kernel ION subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android...

CVE-2017-0651

An information disclosure vulnerability in the kernel ION subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Low because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.18. Android...