Security: metaredteam/external-disclosures
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
RBAC Privilege Escalation via Opto22 Groov View APIGHSA-wvxp-wpwp-mmpw published
Nov 20, 2025 by ismai1337High -
Remote Code Execution via Opto22 Groov Manage REST APIGHSA-jq6g-ccmp-vccr published
Nov 20, 2025 by ismai1337Moderate -
Tenant Separation Bypass via Mantis Message Server APIGHSA-qqcp-xr8r-vqfw published
May 15, 2024 by mbhatt1Moderate -
Local File Inclusion via DelimitedFileConnector Cloud ConnectorGHSA-c7r3-6p5f-mj2c published
May 15, 2024 by mbhatt1Moderate -
Remote Code Execution via User Transform and IdentityProfile Preview APIsGHSA-7jwm-86gw-cm2w published
May 15, 2024 by mbhatt1Critical -
Android Zygote command injection allows code execution as any app via WRITE_SECURE_SETTINGS or Signed ConfigGHSA-x9q9-2r8c-hg2p published
Jun 3, 2024 by tchebbHigh -
Android packages.list newline injection allows run-as as any app from ADBGHSA-m7fh-f3w4-r6v2 published
Mar 4, 2024 by vladionescuHigh -
Multiple Android OEMs sign APEX modules with test keys, allowing full device takeover from ADB or privileged appsGHSA-wmcc-g67r-9962 published
Jan 30, 2024 by tchebbHigh -
SICAM A8000: RBAC Privilege Escalation via Path TraversalGHSA-vq5v-p23q-jfm5 published
Oct 10, 2023 by ryanehalHigh -
GCC's -fstack-protector fails to guard dynamic stack allocations on ARM64GHSA-x7ch-h5rf-w2mf published
Sep 12, 2023 by tchebbModerate