4 matches found
CVE-2025-27213
An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug Bridge ADB and make unsupported changes to the system. Affected Products: UniFi Connect EV Station Pro Version 1.5.18 and earlier UniFi Connect Display Versio...
VMware Patches Critical Vulnerability in Carbon Black App Control Product
VMware on Tuesday released patches to address a critical security vulnerability affecting its Carbon Black App Control product. Tracked as CVE-2023-20858 , the shortcoming carries a CVSS score of 9.1 out of a maximum of 10 and impacts App Control versions 8.7.x, 8.8.x, and 8.9.x. The virtualizati...
Growi vulnerable to improper access control
Overview GROWI provided by WESEEK, Inc. contains an improper access control vulnerability CWE-284. Kenta Yamamoto of Mitsui Bussan Secure Directions, Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership. Impact A us...
PT-2018-3480 · Google +2 · Go +2
Name of the Vulnerable Software and Affected Versions: Go versions prior to 1.10.6 Go versions 1.11.x prior to 1.11.3 Description: The crypto/x509 package of Go does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leadin...