Lucene search

12 matches found

Snyk
added 2026/03/31 4:54 p.m. | 1 view

Incorrect Authorization

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Incorrect Authorization via the policy resolution process in the Google Chat and Zalouser extensions. An attacker can gain unauthorized interaction with bots by exploiting a flaw where...

CVSS 5.3 | AI score 5.9 | EPSS 0.00011
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 0 views

EUVD-2021-14521

Malware in sbrugna...

CVSS 5.3 | AI score 5.6 | EPSS 0.00205
Exploits: 0 | References: 2
EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2017-1704

Malware in sbrugna...

CVSS 5.4 | AI score 6 | EPSS 0.00209
Exploits: 0 | References: 4
CVE
added 2025/05/09 5:36 a.m. | 72 views

CVE-2025-3462

ASUS DriverHub (pre‑1.0.6.0) contains an insufficient validation/origin-check vulnerability in HTTP handling that can let untrusted sources interact with driver features; some reports describe potential remote code execution via crafted HTTP requests and manipulated AsusSetup.ini during silent in...

CVSS 8.4 | AI score 6.6 | EPSS 0.00344
Exploits: 0 | References: 2
Vulnrichment
added 2025/05/09 5:36 a.m. | 27 views

CVE-2025-3462

"This issue is limited to motherboards and does not affect laptops, desktop computers, or other endpoints." An insufficient validation in ASUS DriverHub may allow unauthorized sources to interact with the software's features via crafted HTTP requests. Refer to the 'Security Update for ASUS...

CVSS 8.4 | AI score 6.9 | EPSS 0.00344
Exploits: 0 | References: 1
CVE
added 2024/06/11 1:14 p.m. | 81 views

CVE-2024-2013

CVE-2024-2013 describes an authentication bypass in the FOXMAN-UN/UNEM server and its APIGateway, enabling unauthenticated interaction with services and the post-authentication surface. The vulnerability is tracked in multiple feeds (NVD, Red Hat, CVE List, ICS advisories) with CVSS v3.1 metrics ...

CVSS 10 | AI score 9.6 | EPSS 0.00089
Exploits: 0 | References: 1 | Affected Software: 2
Veracode
added 2024/05/03 6:44 a.m. | 20 views

Improper Access Control

Apache ActiveMQ is vulnerable to Improper Access Control. The vulnerability is due to a default configuration which does not secure the API web context, allowing unrestricted use of the Jolokia JMX REST API and the Message REST API. This vulnerability potentially enables anyone to interact with t...

CVSS 8.8 | AI score 7 | EPSS 0.67274
Exploits: 1 | References: 2 | Affected Software: 1
NVD
added 2024/04/02 11:15 a.m. | 6 views

CVE-2023-6951

A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to the drone’s Wi-Fi network. This, in turn, allows the attacker to perform unauthorized interaction...

CVSS 6.6 | AI score 6.4 | EPSS 0.00124
Exploits: 0 | References: 1
Cvelist
added 2024/04/02 10:28 a.m. | 12 views

CVE-2023-6951

A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to the drone’s Wi-Fi network. This, in turn, allows the attacker to perform unauthorized interaction...

CVSS 6.6 | AI score 6.6 | EPSS 0.00124
Exploits: 0 | References: 1
Vulnrichment
added 2024/04/02 10:28 a.m. | 12 views

CVE-2023-6951

A Use of Weak Credentials vulnerability affecting the Wi-Fi network generated by a set of DJI drones could allow a remote attacker to derive the WPA2 PSK key and authenticate without permission to the drone’s Wi-Fi network. This, in turn, allows the attacker to perform unauthorized interaction...

CVSS 6.6 | AI score 6.9 | EPSS 0.00124
Exploits: 0 | References: 1
CNNVD
added 2023/10/20 12:0 a.m. | 1 view

WordPress Plugin Security & Malware scan by CleanTalk Security Breach

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers. WordPress plugin is an application...

CVSS 8.8 | AI score 6.3 | EPSS 0.00261
Exploits: 1 | References: 4
Prion
added 2017/05/27 12:29 a.m. | 15 views

Improper access control

An improper Access Control vulnerability in Fortinet FortiPortal versions 4.0.0 and below allows an attacker to interact with unauthorized VDOMs or enumerate other ADOMs via another user's stolen session and CSRF tokens or the adomName parameter in the /fpc/sec/customer/policy/getAdomVersion...

CVSS 6.4 | AI score 9 | EPSS 0.0024
Exploits: 0 | References: 1 | Affected Software: 1