EUVD-2025-23657

Malicious code in bioql PyPI...

CVE-2025-32430 XWiki Platform contains Reflected XSS vulnerability in two templates

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In versions 4.2-milestone-3 through 16.4.7, 16.5.0-rc-1 through 16.10.5 and 17.0.0-rc-1 through 17.2.2, two templates contain reflected XSS vulnerabilities, allowing an attacker to execute...

Mattermost Security Vulnerabilities

Mattermost is an open source collaboration platform from Mattermost, Inc. in the United States. Mattermost suffers from a security vulnerability that stems from an inability to update permissions for the current session for a user who has just been downgraded to a guest, allowing the newly...

SUSE CVE-2017-11422

Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...

ZKSecurity BIO 3.0.5.0_R Privilege Escalation Vulnerability

ADVISORY INFORMATION Product: ZKSecurity BIO Vendor: ZKTeco Version Affected: 3.0.5.0R CVE: CVE-2022-36634 Vulnerability: User privilege escalation CREDIT This vulnerability was discovered and researched by Caio Burgardt and Silton Santos. INTRODUCTION Based on the hybrid biometric technology and...

ZKSecurity BIO 3.0.5.0_R Privilege Escalation

ADVISORY INFORMATION Product: ZKSecurity BIO Vendor: ZKTeco Version Affected: 3.0.5.0R CVE: CVE-2022-36634 Vulnerability: User privilege escalation CREDIT This vulnerability was discovered and researched by Caio Burgardt and Silton Santos. INTRODUCTION Based on the hybrid biometric technology and...

CVE-2017-11422

Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...

Default credentials

Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...

CVE-2017-11422

Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...

CVE-2017-11422

Statamic framework before 2.6.0 does not correctly check a session's permissions when the methods from a user's class are called. Problematic methods include reset password, create new account, create new role, etc...

CVE-2017-11422

CVE-2017-11422 affects Statamic framework prior to 2.6.0, where session permission checks are insufficient when methods from a user’s class are invoked (e.g., reset password, create account, create role). This can allow actions beyond intended privileges. The issue is fixed in 2.6.0; upgrade to t...

Fedora 7 : kdelibs-3.5.7-20.fc7 (2007-1699)

This update primarily addresses problems with URL spoofing and consolekit/session permissions. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possibl...