37 matches found

OSV
added 2026/06/12 9:0 p.m. | 10 views

GHSA-5WW9-JG6Q-38R7 File Browser: Cross-user unauthorized share-link deletion via unbounded prefix match in DeleteWithPathPrefix

Summary A low-privileged authenticated user of filebrowser with create + delete permissions in their own isolated scope can silently destroy share-link records belonging to any other user — including the administrator — by performing a legitimate DELETE on a file in their own directory whose...

7.2 CVSS | 5.5 AI score | 0.00029 EPSS
Exploits 0 | References 4
Cvelist
added 2026/04/08 12:15 a.m. | 16 views

CVE-2026-1346 Security Vulnerabilities have been found in IBM Verify Identity Access and IBM Security Verify Access

IBM Verify Identity Access Container 11.0 through 11.0.2 and IBM Security Verify Access Container 10.0 through 10.0.9.1 and IBM Verify Identity Access 11.0 through 11.0.2 and IBM Security Verify Access 10.0 through 10.0.9.1 could allow a locally authenticated user to escalate their privileges to...

9.3 CVSS | 0.00228 EPSS
Exploits 0 | References 1
Redos
added 2026/03/17 12:0 a.m. | 5 views

ROS-20260317-73-0031

A vulnerability in the cloneprivatemnt function of the Linux kernel is related to insecure privilege management. Exploitation of the vulnerability allows an intruder to affect the integrity and availability of protected information...

5.5 CVSS | 5.8 AI score | 0.00137 EPSS
Exploits 0
RedhatCVE
added 2026/01/09 10:58 a.m. | 21 views

CVE-2025-40571

A vulnerability has been identified in Mendix OIDC SSO Mendix 10.12 compatible All versions V4.0.1, Mendix OIDC SSO Mendix 9 compatible All versions V3.3.1, Mendix OIDC SSO V4.2 Mendix 10 compatible All versions V4.2.1, Mendix OIDC SSO V4.3 Mendix 10 compatible All versions. The Mendix OIDC SSO...

2.2 CVSS | 5.7 AI score | 0.00232 EPSS
Exploits 0 | References 1
GithubExploit
added 2025/11/15 3:25 p.m. | 133 views

Exploit for CVE-2025-63955

CVE-2025-63955 – Cross-Site Request Forgery CSRF leading t...

7.5 CVSS | 6.6 AI score | 0.002 EPSS
Exploits 2
CVE
added 2025/10/17 2:25 a.m. | 9 views

CVE-2025-6894

CVE-2025-6894 is a documented API authorization flaw in Moxa network security appliances/routers that allows a low-privileged, authenticated user to execute an administrative ping, potentially enabling internal network reconnaissance and limited impact to device confidentiality/availability. Rela...

5.3 CVSS | 6.6 AI score | 0.00637 EPSS
Exploits 0 | References 1
EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2019-1130

Malware in sbrugna...

7.2 CVSS | 6.6 AI score | 0.00392 EPSS
Exploits 0 | References 3
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2012-1977

Malware in sbrugna...

4.3 CVSS | 6.1 AI score | 0.01457 EPSS
Exploits 0 | References 5
EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2025-14675

Malicious code in bioql PyPI...

2.2 CVSS | 6.5 AI score | 0.00232 EPSS
Exploits 0 | References 1
IBM Security Bulletins
added 2025/09/19 3:46 p.m. | 5 views

Security Bulletin: TOCTOU Race Condition in gosnowflake Logging Configuration Allows Local Privilege Misuse (Fixed in 1.13.3), affects watsonx.data

Summary gosnowflake is the Snowflake Golang driver. Versions starting from 1.7.0 to before 1.13.3, are vulnerable to a Time-of-Check to Time-of-Use TOCTOU race condition. When using the Easy Logging feature on Linux and macOS, the Driver reads logging configuration from a user-provided file. On...

7 CVSS | 6.4 AI score | 0.00111 EPSS
Exploits 0 | Affected Software 1
BDU FSTEC
added 2025/07/23 12:0 a.m. | 2 views

The vulnerability of the Core component of the Oracle VM VirtualBox software allows a hacker to gain unauthorized access to protected information.

The vulnerability of the Core component of the Oracle VM VirtualBox software relates to insecure management of privileges. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

2.3 CVSS | 7.1 AI score | 0.00219 EPSS
Exploits 0 | References 3 | Affected Software 2
ATTACKERKB
added 2025/05/13 10:15 a.m. | 1 views

CVE-2025-40571

A vulnerability has been identified in Mendix OIDC SSO Mendix 10.12 compatible All versions V4.0.1, Mendix OIDC SSO Mendix 9 compatible All versions V3.3.1, Mendix OIDC SSO V4.2 Mendix 10 compatible All versions V4.2.1, Mendix OIDC SSO V4.3 Mendix 10 compatible All versions. The Mendix OIDC SSO...

2.2 CVSS | 5.7 AI score | 0.00232 EPSS
Exploits 0 | References 2
NVD
added 2025/05/13 10:15 a.m. | 11 views

CVE-2025-40571

A vulnerability has been identified in Mendix OIDC SSO Mendix 10.12 compatible All versions V4.0.1, Mendix OIDC SSO Mendix 9 compatible All versions V3.3.1, Mendix OIDC SSO V4.2 Mendix 10 compatible All versions V4.2.1, Mendix OIDC SSO V4.3 Mendix 10 compatible All versions. The Mendix OIDC SSO...

2.2 CVSS | 0.00232 EPSS
Exploits 0 | References 1
Cvelist
added 2025/05/13 9:38 a.m. | 20 views

CVE-2025-40571

A vulnerability has been identified in Mendix OIDC SSO Mendix 10.12 compatible All versions V4.0.1, Mendix OIDC SSO Mendix 9 compatible All versions V3.3.1, Mendix OIDC SSO V4.2 Mendix 10 compatible All versions V4.2.1, Mendix OIDC SSO V4.3 Mendix 10 compatible All versions. The Mendix OIDC SSO...

2.2 CVSS | 0.00232 EPSS
Exploits 0 | References 1
Vulnrichment
added 2025/05/13 9:38 a.m. | 7 views

CVE-2025-40571

A vulnerability has been identified in Mendix OIDC SSO Mendix 10.12 compatible All versions V4.0.1, Mendix OIDC SSO Mendix 9 compatible All versions V3.3.1, Mendix OIDC SSO V4.2 Mendix 10 compatible All versions V4.2.1, Mendix OIDC SSO V4.3 Mendix 10 compatible All versions. The Mendix OIDC SSO...

2.2 CVSS | 5.7 AI score | 0.00232 EPSS
Exploits 0 | References 1
CVE
added 2025/05/13 9:38 a.m. | 44 views

CVE-2025-40571

The CVE-2025-40571 affects the Mendix OIDC SSO module. In Mendix 10 compatible builds it affects all versions < 4.1.0; in Mendix 10.12 compatible builds it affects all versions < 4.0.1; in Mendix 9 compatible builds it affects all versions

2.2 CVSS | 5.7 AI score | 0.00232 EPSS
Exploits 0 | References 1
Positive Technologies
added 2025/05/13 12:0 a.m. | 5 views

PT-2025-20866 · Mendix · Mendix Oidc Sso

Name of the Vulnerable Software and Affected Versions: Mendix OIDC SSO Mendix 10 compatible versions prior to V4.0.0 Mendix OIDC SSO Mendix 9 compatible affected versions not specified Description: A vulnerability has been identified in the Mendix OIDC SSO module, which grants read and write acce...

2.2 CVSS | 6.1 AI score | 0.00232 EPSS
Exploits 0 | References 5
ICS
added 2025/05/13 12:0 a.m. | 8 views

Siemens Mendix OIDC SSO

SUMMARY The Mendix OIDC SSO module grants read and write access to all tokens exclusively to the Administrator role and could result in privilege misuse by an adversary modifying the module during Mendix development. Siemens has released a new version for Mendix OIDC SSO and recommends to update...

2.2 CVSS | 4 AI score | 0.00232 EPSS
Exploits 0 | References 10
RedHat Linux
added 2025/02/19 10:31 a.m. | 3 views

mysql: Privilege Misuse in MySQL Server Security Component

A flaw was found in MySQL Server component: Security: Privileges. This issue can allow unauthorized update, insert, or delete access to MySQL Server data and unauthorized read access to a subset of data via multiple protocols...

3.8 CVSS | 5.7 AI score | 0.00556 EPSS
Exploits 0 | References 5
CNNVD
added 2025/02/12 12:0 a.m. | 2 views

Intel 800 Series Ethernet Driver security vulnerability

Intel 800 Series Ethernet Driver is a driver from Intel Corporation USA. A security vulnerability exists in Intel 800 Series Ethernet Driver versions prior to 1.15.4, which arises from the implementation of incorrectly assigned privileges that could allow an authenticated user to disclose...

3.3 CVSS | 5.7 AI score | 0.00226 EPSS
Exploits 0 | References 2