17 matches found
PT-2026-37656
A vulnerability in the log file download functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to download arbitrary log files from the server. This vulnerability is due to insufficient authorization checks on the download service API. An attacker could exploit...
EUVD-2026-22152
Due to missing authorization checks in the SAP S/4HANA frontend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...
cc.chensoul.nacos:nacos-distribution (=2.5.2), com.buession.security:buession-security-spring (>=3.0.0 <=3.0.1) +521 more potentially affected by CVE-2026-22732 via org.springframework.security:spring-security-web (>=5.8.0 <=5.8.16)
org.springframework.security:spring-security-web MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =4.5.0, =4.5.0, =4.5.1 and more Source cves: CVE-2026-22732 Source advisory: OSV:GHSA-MF92-479X-3373...
CVE-2023-43645
OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA is vulnerable to a denial of service attack when certain Check calls are executed against authorization models that contain circular relationship definitions. When the call is made, it's...
EUVD-2022-46466
Malicious code in bioql PyPI...
Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller Security Vulnerability
Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller are both products of Cisco, Inc. Cisco Nexus Dashboard is a single console that simplifies the operation and management of data center networks. Cisco Nexus Dashboard Fabric Controller is a...
Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller Security Vulnerability
Cisco Nexus Dashboard and Cisco Nexus Dashboard Fabric Controller are both products of Cisco, Inc. Cisco Nexus Dashboard is a single console that simplifies the operation and management of data center networks. Cisco Nexus Dashboard Fabric Controller is a...
Linux Distros Unpatched Vulnerability : CVE-2020-13284
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. API Authorization Using Outdated CI Job Token CVE-2020-13284 Note that Ness...
NCR Atleos Terminal Handler Security Vulnerability
NCR Atleos Terminal Handler is an ATM enterprise software solution from NCR Atleos that reduces costs, improves business agility and increases your competitive advantage. A security vulnerability exists in NCR Atleos Terminal Handler version 1.5.1, which stems from improper authorization of SOAP...
CVE-2023-42541
Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id...
Soffid Console Security Vulnerability
Soffid Console is a console management software from the Spanish company Soffid. A security vulnerability exists in Soffid Console versions prior to 3.6.32, which stems from improper handling of pam service authorization...
AppHouseKitchen AlDente Security Vulnerability
AppHouseKitchen AlDente is a battery charging restriction software from AppHouseKitchen. A security vulnerability exists in AppHouseKitchen AlDente version 1.29 and earlier, which stems from improper authorization of the XPC service and allows localhost attacks...
cc.chensoul.nacos:nacos-distribution (=2.5.2), cn.sparrowmini:sparrow-org-service (=0.0.1) +625 more potentially affected by CVE-2023-20862 via org.springframework.security:spring-security-core (>=5.8.0 <=5.8.2)
org.springframework.security:spring-security-core MAVEN version =5.8.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =5.12.0, =5.12.0, =1.48.0, =1.48.0, =1.48.0, =2.4.0, =2.4.0, =2.4.0, =2.6.0 and more Source cves: CVE-2023-20862 Source advisory: OSV:GHSA-X873-6RGC-94JC...
SDM600 Security Vulnerability
ABB SDM600 is a system data manager from ABB Switzerland. A security vulnerability exists in SDM600 versions prior to 1.2.23000.291, which stems from the presence of a service authorization validation vulnerability that can be exploited by an attacker to access sensitive data by reading directly...
PT-2021-4125 · Tor +4 · Tor +4
Name of the Vulnerable Software and Affected Versions: Tor versions prior to 0.4.6.5 Description: The issue is related to errors in authorization, allowing a remote attacker to cause a denial of service. An attacker can forge RELAY END or RELAY RESOLVED to bypass the intended access control for...
SALTO ProAccess SPACE 5.5 Traversal / File Write / XSS / Bypass
SEC Consult Vulnerability Lab Security Advisory. title: Multiple Critical Vulnerabilities; product: SALTO ProAccess SPACE; vulnerable version: = v5.6; CVE number: CVE-2019-19457, CVE-2019-19458, CVE-2019-19459, CVE-2019-19460...
RedHat Update for polkit RHSA-2016:0189-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...