EUVD-2025-25316

Malicious code in bioql PyPI...

CVE-2025-1139

IBM Edge Application Manager 4.5 could allow a local user to read or modify resources that they should not have authorization to access due to incorrect permission assignment...

CVE-2024-39954

CVE-2024-39954 refers to a Server-Side Request Forgery (SSRF) in the Apache EventMesh project, specifically in the eventmesh-runtime module’s WebhookUtil.java. The vulnerability affects the WebhookUtil.java functionality that could allow an attacker to read or modify internal resources on affecte...

CVE-2023-3622

Access Control Bypass Vulnerability in the SolarWinds Platform that allows an underprivileged user to read arbitrary resource...

CVE-2022-30572

The iWay Service Manager Console component of TIBCO Software Inc.'s TIBCO iWay Service Manager contains an easily exploitable Directory Traversal vulnerability that allows a low privileged attacker with network access to read arbitrary resources on the affected system. Affected releases are TIBCO...

Shopware 代码问题漏洞

Shopware is a suite of open source e-commerce software from the German company Shopware. A security vulnerability exists in Shopware that allows an attacker to abuse the Admin SDK functionality on the server to read or update internal resources...

IBM Security Guardium Resource Error Vulnerability

IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. A resource error vulnerability exists in IBM Security Guardium. An...

Downloads Resources over HTTP

Overview Affected versions of geoip-lite-country insecurely downloads resources over HTTP. In scenarios where an attacker has a privileged network position, they can modify or read such resources at will. While the exact severity of impact for a vulnerability like this is highly variable and...