Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can gain unauthorized access to restricted organization or application editing interfaces by manipulating URLs after authentication. Remediation Upgrade github.com/casdoor/casdoor/controllers to...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization. An attacker can gain unauthorized access to restricted organization or application editing interfaces by manipulating URLs after authentication. Remediation Upgrade github.com/casdoor/casdoor/authz to version...

VulnCheck KEV: CVE-2025-25231

Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious actor may be able to gain access to sensitive information by sending crafted GET requests read-only to restricted API endpoints...

SUSE CVE-2013-0198

Dnsmasq before 2.66test2, when used with certain libvirt configurations, replies to queries from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via spoofed TCP based DNS queries. NOTE: this vulnerability exists because of an incomplete fix...

CVE-2019-3949

Arlo Basestation firmware 1.12.0.127940 and prior firmware contain a networking misconfiguration that allows access to restricted network interfaces. This could allow an attacker to upload or download arbitrary files and possibly execute malicious code on the device...

libvirt+dnsmasq: DNS configured to answer DNS queries from non-virtual networks

Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service traffic amplification via a spoofed DNS query...