Operation on a Resource after Expiration or Release

Overview Affected versions of this package are vulnerable to Operation on a Resource after Expiration or Release due to the failure to enforce the PostEditTimeLimit in the post patch and update API endpoints. An attacker can alter file attachments, properties, and pin status of posts after the...

IBM Aspera Security Bypass Vulnerability (CNVD-2024-38533)

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A security bypass vulnerability exists in IBM Aspera versions 5.0.0 through 5.0.9, which can be exploited by an attacker to bypass intended access restriction...

IBM Aspera Security Bypass Vulnerability

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. A security bypass vulnerability exists in IBM Aspera versions 5.0.0 through 5.0.9, which can be exploited by an attacker to bypass intended access restriction...

CVE-2023-29018 OpenFeature Operator vulnerable to Cluster-level Privilege Escalation

The OpenFeature Operator allows users to expose feature flags to applications. Assuming the pre-existence of a vulnerability that allows for arbitrary code execution, an attacker could leverage the lax permissions configured on open-feature-operator-controller-manager to escalate the privileges o...

Open-Xchange App Suite 7.8.2 Cross Site Scripting

Product: OX App Suite Vendor: OX Software GmbH Internal reference: 46484 Bug ID Vulnerability type: Cross Site Scripting CWE-80 Vulnerable version: 7.8.2 and earlier Vulnerable component: frontend Report confidence: Confirmed Solution status: Fixed by Vendor Fixed version: 7.6.2-rev46, 7.6.3-rev1...