Lucene search
+L

12 matches found

Vulnrichment
Vulnrichment
added 2025/11/19 5:26 p.m.6 views

CVE-2025-65034 Rallly Improper Authorization Allows Reopening of Any Finalized Poll via Public pollId

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization vulnerability allows any authenticated user to reopen finalized polls belonging to other users by manipulating the pollId parameter. This can disrupt events managed by other users and...

8.1CVSS6.3AI score0.00296EPSS
Exploits1References2
OSV
OSV
added 2025/11/19 5:26 p.m.6 views

CVE-2025-65034 Rallly Improper Authorization Allows Reopening of Any Finalized Poll via Public pollId

Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization vulnerability allows any authenticated user to reopen finalized polls belonging to other users by manipulating the pollId parameter. This can disrupt events managed by other users and...

8.1CVSS6.6AI score0.00296EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2025/10/14 3:17 p.m.5 views

Security update for chrony

This update for chrony fixes the following issues: Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...

6.9AI score
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2021-31639

Malicious code in bioql PyPI...

4.3CVSS5AI score0.00581EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 5:24 p.m.5 views

CVE-2020-11250

Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure...

7CVSS6.7AI score0.00111EPSS
Exploits0References1
Code423n4
Code423n4
added 2023/12/21 12:0 a.m.10 views

reclaimLiquidity() Malicious borrowers can force LPs to be unable to retrieve Liquidity by closing and reopening the Position before it expires.

Lines of code Vulnerability details Vulnerability details If LP wants to retrieve the Liquidity that has been lent out, it can set a renewalCutoffTime through reclaimLiquidity. If the borrower does not voluntarily close, liquidatePosition can be used to forcibly close the position after the loan...

7AI score
Exploits0
NVD
NVD
added 2022/01/18 8:15 p.m.21 views

CVE-2021-44836

An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking access controls, and it is possible for an unprivileged user to reopen a risk with a POST request, using the risqueID parameter to identify the risk to be re-opened...

4.3CVSS0.00581EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/01/18 12:0 a.m.4 views

Delta RM 安全漏洞

Delta Rm is a simple and effective risk management from Delta Rm France. It is used to simplify risk management methods and save time. A security vulnerability exists in Delta RM 1.2 that stems from the lack of access control on an insecure workflow reset endpoint and the fact that an unauthorize...

4.3CVSS5.6AI score0.00581EPSS
Exploits1References3
CNVD
CNVD
added 2021/03/29 12:0 a.m.17 views

Linux kernel post-release reuse vulnerability (CNVD-2021-24270)

The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A post-release reuse vulnerability exists in drivers/vhost/vdpa.c in Linux kernel versions prior to 5.11.9. The...

7.8CVSS6.4AI score0.00318EPSS
Exploits0References1
OSV
OSV
added 2021/03/26 10:15 p.m.4 views

AZL-6548 CVE-2021-29266 affecting package kernel for versions less than 5.10.78.1-1

An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v-configctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba0...

7.8CVSS6.7AI score0.00318EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2011/08/22 5:18 a.m.9 views

Phone Hacker Forced to Disclose name, Who Told Him to Hack !

Phone Hacker Forced to Disclose name, Who Told Him to Hack ! Court tells private investigator he must identify 'News of the World' executives who asked him to intercept voicemails. A private detective jailed for illegally intercepting voice-mail messages on behalf of a journalist at one of Rupert...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2006/01/05 12:0 a.m.22 views

OpenBSD file reopening privilege escalation

No description provided...

2.2AI score
Exploits0References1Affected Software1
Rows per page
Query Builder