CVE-2025-61748

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 21.0.8 and 25; Oracle GraalVM for JDK: 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15...

CVE-2025-10611 Potential Broken Access Control in Multiple WSO2 Products via System REST APIs

Due to an insufficient access control implementation in multiple WSO2 Products, authentication and authorization checks for certain REST APIs can be bypassed, allowing them to be invoked without proper validation. Successful exploitation of this vulnerability could lead to a malicious actor gaini...

EUVD-2009-4015

Malware in sbrugna...

CVE-2019-3424

authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations...

CVE-2013-2934

Citrix CloudPortal Services Manager aka Cortex 10.0 before Cumulative Update 3 does not properly restrict access to web services, which has unspecified impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162...

CVE-2024-32735

An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3. An unauthenticated remote attacker can access the PDNU REST APIs, which may result in compromise of the application...

PT-2023-2480 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.3.0 through 14.1.1.0.0 Description: The issue allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks can result in the unauthorized abili...

zrok

zrok - Secure internet sharing made simple !zrok logodocs/...

Apache Pulsar manager 安全漏洞

Apache Pulsar is the Apache Foundation for cloud environments , set of messages , storage , lightweight functional computing as one of the distributed message flow platform . The software supports multi-tenancy, persistent storage, multi-machine room cross-region data replication, with strong...

CVE-2019-3424

authentication issues vulnerability, which exists in V2.1.14 and below versions of C520V21 smart camera devices. An attacker can automatically obtain access to web services from the authorized browser of the same computer and perform operations...

Lenovo Smart Assistant Android app privilege acquisition vulnerability

Lenovo Smart Assistant Android app is an Android-based application for controlling Lenovo Smart Assistant smart speakers from Lenovo China. A security vulnerability exists in the Lenovo Smart Assistant Android app versions prior to 12.1.82. An attacker can use this vulnerability to enter factory...

MGASA-2015-0032 Updated moodle package fixes security vulnerabilities

Updated moodle package fixes security vulnerabilities: In Moodle before 2.6.7, absence of a capability check in AJAX backend script in the LTI module could allow any enrolled user to search the list of registered tools CVE-2015-0211. In Moodle before 2.6.7, the course summary on course request...