Lucene search
K

33 matches found

EUVD
EUVD
added 2026/03/09 10:57 p.m.5 views

EUVD-2026-10433

OneUptime is a solution for monitoring and managing online services. Prior to 10.0.19, OneUptime's GitHub App callback trusts attacker-controlled state and installationid values and updates Project.gitHubAppInstallationId with isRoot: true without validating that the caller is authorized for the...

8.6CVSS5.8AI score0.00196EPSS
Exploits1References1
Snyk
Snyk
added 2026/03/09 5:29 p.m.4 views

Missing Authorization

Overview @oneuptime/common is a The OneUptime Common UI Library is a collection of shared components, utilities that are used across the OneUptime platform. It is designed to be easy to install and use, and to be extensible. This library is built with React and TypeScript. It includes c Affected...

10CVSS5.9AI score0.00196EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/09/03 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-53105

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features,...

7.5CVSS5AI score0.00332EPSS
Exploits0References2
NVD
NVD
added 2025/08/27 3:15 p.m.10 views

CVE-2025-53105

GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 10.0.0 to before 10.0.19, a connected user without administration rights can change th...

7.5CVSS0.00332EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/08/27 2:40 p.m.1 views

CVE-2025-53105 GLPI permits unauthorized rules execution order

GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 10.0.0 to before 10.0.19, a connected user without administration rights can change th...

7.5CVSS6.6AI score0.00332EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/27 2:40 p.m.9 views

CVE-2025-53105 GLPI permits unauthorized rules execution order

GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 10.0.0 to before 10.0.19, a connected user without administration rights can change th...

7.5CVSS0.00332EPSS
Exploits0References2
CVE
CVE
added 2025/08/27 2:40 p.m.42 views

CVE-2025-53105

Technical details beyond what is in the initial document are not publicly available in the provided materials. Monitor for updates on affected versions (10.0.0–10.0.18) and patch 10.0.19.

7.5CVSS6.6AI score0.00332EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/08/27 12:0 a.m.13 views

GLPI 安全漏洞

GLPI is an open source IT and asset management software from GLPI Open Source. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...

7.5CVSS4.8AI score0.00332EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.14 views

PT-2025-34874 · Glpi · Glpi

Name of the Vulnerable Software and Affected Versions: GLPI versions 10.0.0 through 10.0.18 Description: GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. A connected user without administration rights can...

7.5CVSS6.4AI score0.00332EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-53357

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features,...

5.4CVSS5AI score0.00176EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-53113

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features,...

2.7CVSS5.1AI score0.00228EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-53112

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.1.0...

4.3CVSS4.9AI score0.00194EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-53111

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. In versions 0.80 through 10.0.18, a lack of permission checks can result in unauthorized access to some...

6.5CVSS4.9AI score0.00256EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2025-52897

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a Free Asset and IT Management Software package. In versions 9.1.0 through 10.0.18, an unauthenticated user can send a malicious link to attempt a...

6.5CVSS5AI score0.00214EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-53008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses...

6.5CVSS5AI score0.00256EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/02 8:23 p.m.4 views

CVE-2025-52897

GLPI is a Free Asset and IT Management Software package. In versions 9.1.0 through 10.0.18, an unauthenticated user can send a malicious link to attempt a phishing attack from the planning feature. This is fixed in version 10.0.19...

6.5CVSS6.3AI score0.00214EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/02 8:23 p.m.3 views

CVE-2025-53008

GLPI stands for Gestionnaire Libre de Parc Informatique is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.3.1 through 10.0.19, a connected user can use a malicious payload to steal mail receiver...

6.5CVSS6.2AI score0.00256EPSS
Exploits0References1
OSV
OSV
added 2025/07/30 3:15 p.m.2 views

UBUNTU-CVE-2025-53112

GLPI is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 9.1.0 through 10.0.18, a lack of permission checks can result in unauthorized removal of some specific resources. This is fixed in version 10.0.1...

4.3CVSS5.8AI score0.00194EPSS
Exploits0References3
OSV
OSV
added 2025/07/30 3:15 p.m.6 views

UBUNTU-CVE-2025-53111

GLPI is a Free Asset and IT Management Software package. In versions 0.80 through 10.0.18, a lack of permission checks can result in unauthorized access to some resources. This is fixed in version 10.0.19...

6.5CVSS5.8AI score0.00256EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/07/30 2:17 p.m.11 views

CVE-2025-53357 GLPI permits reservation modification by unauthorized users

GLPI, which stands for Gestionnaire Libre de Parc Informatique, is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. In versions 0.78 through 10.0.18, a connected user can alter the reservations of another user. Thi...

5.4CVSS0.00176EPSS
Exploits0References1
Rows per page
Query Builder