5 matches found
Authorization Bypass Through User-Controlled Key
Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via a permissive API. An attacker can retrieve unauthorized workflow definitions by specifying their names through crafted API requests. Remediation Upgrade...
CVE-2019-15033
Pydio 6.0.8 allows Authenticated SSRF during a Remote Link Feature download. An attacker can specify an intranet address in the file parameter to index.php, when sending a file to a remote server, as demonstrated by the file=http%3A%2F%2F192.168.1.2 substring...
Linux kernel 资源管理错误漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 6.0.8, which stems from the presence of post-release reuse...
CVE-2019-19705
Realtek Audio Drivers for Windows, as used on the Lenovo ThinkPad X1 Carbon 20A7, 20A8, 20BS, and 20BT before 6.0.8882.1 and 20KH and 20KG before 6.0.8907.1 and on many other Lenovo and non-Lenovo products, mishandles DLL preloading...
Samsung Members 安全漏洞
Samsung Members is a community platform app from Samsung South Korea, Inc. An access control error vulnerability exists in versions prior to Samsung Members 13.6.08.5, which stems from a lack of proper access validation logic. A local attacker could exploit the vulnerability to execute the call...