12 matches found
CVE-2025-65034 Rallly Improper Authorization Allows Reopening of Any Finalized Poll via Public pollId
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization vulnerability allows any authenticated user to reopen finalized polls belonging to other users by manipulating the pollId parameter. This can disrupt events managed by other users and...
CVE-2025-65034 Rallly Improper Authorization Allows Reopening of Any Finalized Poll via Public pollId
Rallly is an open-source scheduling and collaboration tool. Prior to version 4.5.4, an improper authorization vulnerability allows any authenticated user to reopen finalized polls belonging to other users by manipulating the pollId parameter. This can disrupt events managed by other users and...
Security update for chrony
This update for chrony fixes the following issues: Update to version 4.8: Add maxunreach option to limit selection of unreachable sources Add -u option to chronyc to drop root privileges default chronyc user is set by configure script Fix refclock extpps option to work on Linux = 6.15 Validate...
EUVD-2021-31639
Malicious code in bioql PyPI...
CVE-2020-11250
Use after free due to race condition when reopening the device driver repeatedly in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure...
reclaimLiquidity() Malicious borrowers can force LPs to be unable to retrieve Liquidity by closing and reopening the Position before it expires.
Lines of code Vulnerability details Vulnerability details If LP wants to retrieve the Liquidity that has been lent out, it can set a renewalCutoffTime through reclaimLiquidity. If the borrower does not voluntarily close, liquidatePosition can be used to forcibly close the position after the loan...
CVE-2021-44836
An issue was discovered in Delta RM 1.2. The /risque/risque/workflow/reset endpoint is lacking access controls, and it is possible for an unprivileged user to reopen a risk with a POST request, using the risqueID parameter to identify the risk to be re-opened...
Delta RM 安全漏洞
Delta Rm is a simple and effective risk management from Delta Rm France. It is used to simplify risk management methods and save time. A security vulnerability exists in Delta RM 1.2 that stems from the lack of access control on an insecure workflow reset endpoint and the fact that an unauthorize...
Linux kernel post-release reuse vulnerability (CNVD-2021-24270)
The Linux kernel is a computer operating system kernel written in C and assembly language, compliant with the POSIX standard, and distributed under the GNU General Public License. A post-release reuse vulnerability exists in drivers/vhost/vdpa.c in Linux kernel versions prior to 5.11.9. The...
AZL-6548 CVE-2021-29266 affecting package kernel for versions less than 5.10.78.1-1
An issue was discovered in the Linux kernel before 5.11.9. drivers/vhost/vdpa.c has a use-after-free because v-configctx has an invalid value upon re-opening a character device, aka CID-f6bbf0010ba0...
Phone Hacker Forced to Disclose name, Who Told Him to Hack !
Phone Hacker Forced to Disclose name, Who Told Him to Hack ! Court tells private investigator he must identify 'News of the World' executives who asked him to intercept voicemails. A private detective jailed for illegally intercepting voice-mail messages on behalf of a journalist at one of Rupert...
OpenBSD file reopening privilege escalation
No description provided...