14 matches found
CVE-2026-33996
creationtimestamp| type| source ---|---|--- 2026-03-28 02:20:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mi3l3mreog2i...
CVE-2026-33996
LibJWT (C, the JSON Web Token library) versions prior to 3.3.0 are affected by a NULL value handling bug in JWK parsing for RSA-PSS. In 3.0.0–3.2.x, the parser could misinterpret integers where strings were expected, potentially enabling malformed JWKs to affect parsing. The issue was fixed in 3....
CVE-2022-33996
Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user...
CVE-2023-33996
creationtimestamp| type| source ---|---|--- 2024-12-13 16:59:24+00:00| seen| https://infosec.exchange/users/cve/statuses/113646578178688022...
CVE-2023-33996 WordPress Spam protection, AntiSpam, FireWall by CleanTalk plugin <= 6.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in CleanTalk Inc Spam protection, AntiSpam, FireWall by CleanTalk cleantalk-spam-protect allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spam protection, AntiSpam, FireWall by CleanTalk: from n/a through = 6.10...
CVE-2024-33996
Incorrect validation of allowed event types in a calendar web service made it possible for some users to create events with types/audiences they did not have permission to publish to...
CVE-2024-33996 moodle: broken access control when setting calendar event type
Incorrect validation of allowed event types in a calendar web service made it possible for some users to create events with types/audiences they did not have permission to publish to...
CVE-2024-33996 moodle: broken access control when setting calendar event type
Incorrect validation of allowed event types in a calendar web service made it possible for some users to create events with types/audiences they did not have permission to publish to...
CVE-2024-33996
CVE-2024-33996 relates to Moodle: the vulnerability stems from incorrect validation of allowed event types in the calendar web service. This weak validation can allow some users to create events with types or audiences they do not have permission to publish to, constituting a permission/ access-c...
CVE-2022-33996
creationtimestamp| type| source ---|---|--- 2022-07-07 16:15:27+00:00| seen| https://t.me/cibsecurity/45737...
CVE-2022-33996
Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user...
CVE-2022-33996
Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user...
CVE-2022-33996
Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexisting username to inherit the permissions of that previous user...
CVE-2022-33996
CVE-2022-33996 affects Devolutions Server older than 2022.2. The issue is incorrect permission management where a new user with a preexisting username inherits the permissions of the previous user. Documented impact includes potential confidentiality, integrity, and availability concerns, with CV...