246 matches found
CVE-2025-65594
OpenSIS 9.2 and below is vulnerable to Incorrect Access Control in Student.php, which allows an authenticated low-privilege user to perform unauthorized database write operations relating to the data of other users...
EUVD-2025-93390
Adobe Pass versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized read and write access. Exploitation of this issue requires user interaction in that a victim must install...
CVE-2025-61830
Adobe Pass (Android SDK) versions 3.7.3 and earlier are affected by an Incorrect Authorization vulnerability that allows bypass of security controls to read/write data. Exploitation requires user interaction (victim installs a malicious SDK). The issue is discussed across multiple advisories (CVE...
Race Condition Enabling Link Following
Overview Affected versions of this package are vulnerable to Race Condition Enabling Link Following due to insufficient checks when bind-mounting /dev/pts/$n to /dev/console inside the container. An attacker can gain unauthorized write access to sensitive files within the container environment by...
CVE-2025-11340
Removed by vendor...
GitLab Enterprise Edition 安全漏洞
GitLab Enterprise Edition EE is a content management system from GitLab, Inc. in the United States. A security vulnerability exists in GitLab Enterprise Edition EE versions 18.3 through 18.3.4 and 18.4 through 18.4.2, which stems from an incorrect GraphQL mutation range that could cause an...
EUVD-2004-1187
Malware in sbrugna...
EUVD-2025-27384
Malicious code in bioql PyPI...
EUVD-2025-11908
Malicious code in bioql PyPI...
EUVD-2025-24449
Malicious code in bioql PyPI...
EUVD-2025-27382
Malicious code in bioql PyPI...
EUVD-2021-9996
Malicious code in bioql PyPI...
Samba does not validate the Validated-DNS-Host-Name right for the dNSHostName attribute which could permit unprivileged users to write it.
...
CVE-2025-54250
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access...
CVE-2025-54251
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate XML queries and gain limited unauthorized write access...
Adobe Experience Manager Input Validation Error Vulnerability (CNVD-2025-21165)
Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. An input validation error vulnerability exists in Adobe...
Adobe Experience ManagerXML Entity Injection Vulnerability
Adobe Experience Manager is a content management solution from Adobe designed to help organizations efficiently create, manage and deliver cross-channel content while integrating business solutions to enhance the customer experience. An XML entity injection vulnerability exists in Adobe Experienc...
CVE-2025-54251
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate XML queries and gain limited unauthorized write access...
CVE-2025-54251
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an XML Injection vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to manipulate XML queries and gain limited unauthorized write access...
CVE-2025-54250
Adobe Experience Manager versions 6.5.23.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. A high-privileged attacker could leverage this vulnerability to bypass security measures and gain unauthorized write access...