5 matches found
EUVD-2026-11206
Argo Workflows: WorkflowTemplate Security Bypass via podSpecPatch in Strict/Secure Reference Mode...
GHSA-C2FF-88X2-X9PG JWT Algorithm Confusion
Summary: The fast-jwt library does not properly prevent JWT algorithm confusion for all public key types. Details: The 'publicKeyPemMatcher' in 'fast-jwt/src/crypto.js' does not properly match all common PEM formats for public keys. To exploit this vulnerability, an attacker needs to craft a...
CVE-2023-21244
In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation...
CVE-2010-4664
In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allows an authenticated system user to escalate their privileges by initiating a remote VNC session...
SendStudio 4.0.1 Cross Site Scripting and Security Bypass Vulnerabilities
No description provided by source. Source: http://www.securityfocus.com/bid/37554/info SendStudio, also called Email Marketer, is prone to a cross-site scripting issue and a security-bypass issue. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecti...