10 matches found
EUVD-2019-15089
Malware in sbrugna...
CVE-2025-53077
An execution after redirect in Samsung DMS (Data Management Server) allows attackers to execute limited functions without permissions. An attacker could compromise the integrity of the platform by executing this vulnerability...
CVE-2023-25552
A CWE-862: Missing Authorization vulnerability exists that could allow viewing of unauthorized content, changes or deleting of content, or performing unauthorized functions when tampering with the Device File Transfer settings on DCE endpoints. Affected products: StruxureWare Data Center Expert V7.9.2...
Alkacon OpenCMS Improper Access Control via system/workplace/views/admin/admin-main.jsp
system/workplace/views/admin/admin-main.jsp in Alkacon OpenCms before 6.2.2 does not restrict access to administrator functions, which allows remote authenticated users to (1) send broadcast messages to all users (/workplace/broadcast), (2) list all users (/accounts/users), (3) add webusers...
Unauthorized functions in Ladle.sol and PoolRouter.sol
Handle: gpersoon. Vulnerability details. Impact: Both Ladle.sol and PoolRouter.sol contain a function batch, which gives access to several internal functions. Some of those functions call functions in other contracts which have an "auth" access control mechanism. However several internal functions ca...
Improper access control
VMware Fusion 11.x before 11.0.3 contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest machine where VMware...
VMWare Fusion APIs available without auth via web socket (CVE-2019-5514)
VMware Fusion 11.x before 11.0.3 contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest machine where VMware Tools is...
Ruby 1.9 - Safe Level Multiple Function Restriction Bypass
source: https://www.securityfocus.com/bid/30644/info Ruby is prone to multiple vulnerabilities that can be leveraged to bypass security restrictions or cause a denial of service: - Multiple security-bypass vulnerabilities occur because of...
Ruby 1.9 - WEBrick::HTTP::DefaultFileHandler Crafted HTTP Request Denial of Service
source: https://www.securityfocus.com/bid/30644/info Ruby is prone to multiple vulnerabilities that can be leveraged to bypass security restrictions or cause a denial of service: - Multiple security-bypass...
Ruby 1.9 dl - Module DL.dlopen Arbitrary Library Access
source: https://www.securityfocus.com/bid/30644/info Ruby is prone to multiple vulnerabilities that can be leveraged to bypass security restrictions or cause a denial of service: - Multiple security-bypass vulnerabilities occur because of errors in the 'safe level' restriction implementation...