4 matches found
EUVD-2025-36491
In the Linux kernel, the following vulnerability has been resolved: fbdev: simplefb: Fix use after free in simplefbdetachgenpds The pmdomain cleanup can not be devres managed as it uses struct simplefbpar which is allocated within struct fbinfo by framebufferalloc. This allocation is explicitly...
The vulnerability of the dsUnclaimHub command on the OvrC Pro cloud-based IT infrastructure management platform allows a hacker to gain unauthorized access to add or remove network devices.
The vulnerability of the dsUnclaimHub command on the OvrC Pro IT-infrastructure management cloud platform relates to the ability to send requests to the database without going through authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain unauthorized acces...
Unauthorized Postings And Removals
keycloak-services is vulnerable to unauthorized postings and removals. Posting different credential IDs can be done by using the remove devices form, subsequently possibly to perform unauthorized removal of MFA devices of other users...
PT-2020-12283 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak versions 8.0.2 through 9.0.0 Description: A flaw was found where a malicious user can register as oneself and then use the "remove devices" form to post different credential IDs with the hope of removing MFA devices for other users...