1672 matches found
PT-2026-51473
Name of the Vulnerable Software and Affected Versions OpenSSH affected versions not specified Description A flaw in OpenSSH allows a local unprivileged attacker on a Linux client host to hijack client-side X11 forwarding connections. This occurs when X11 forwarding is enabled and a local...
EUVD-2026-37929
setupBpmLogs follows symlink for bpm.log open and chown — container-to-host privilege escalation via /etc/shadow. A compromised process inside a bpm container can cause root to chown an arbitrary host file to vcap and append bpm JSON log lines to it. The chown alone lets the attacker take ownersh...
openssl: AES-OCB IV Ignored on EVP_Cipher() Path
A flaw was found in OpenSSL. Applications that use the AES-OCB encryption method with a specific one-shot interface EVPCipher will have their provided Initialization Vector IV silently discarded. This leads to the same internal cryptographic value being used repeatedly, which compromises the...
ROS-20260610-73-0014
The vulnerability of the IndexedDB component in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the exposure of information. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected informati...
ROS-20260609-73-0001
The vulnerability of the IndexedDB component in browsers such as Mozilla Firefox, Firefox ESR, and the email client Thunderbird is related to the exposure of information. Exploiting this vulnerability can allow an attacker to compromise the confidentiality and accessibility of protected informati...
Admidio has IDOR in `documents-files.php` `mode=move_save` that lets any folder-uploader exfiltrate files from private folders
Summary modules/documents-files.php gates state-changing modes by checking that the actor has hasUploadRight on the URL parameter folderuuid. The movesave handler then operates on a separate URL parameter fileuuid and calls File::moveToFolder$destFolderUUID. File::moveToFolder checks the upload...
PT-2026-45041
Summary modules/documents-files.php gates state-changing modes by checking that the actor has hasUploadRight on the URL parameter folder uuid. The move save handler then operates on a separate URL parameter file uuid and calls File::moveToFolder$destFolderUUID. File::moveToFolder checks the uploa...
CVE-2026-40848
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40848 Authenticated SQLi in tag view
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40848 Authenticated SQLi in tag view
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40842
The CVE-2026-40842 entry describes an unauthenticated SQL Injection in the getWidgetTags function, exploitable by a low-privilege remote attacker. The vulnerability arises from improper neutralization of certain elements in a SQL SELECT command, leading to a total loss of confidentiality. Related...
CVE-2026-40840 Authenticated SQLi in VerifyCreateLicences function
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the VerifyCreateLicences function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40831 Authenticated SQLi in Easy View
An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the Easy View due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
EUVD-2026-32130
A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dsgvocontracts view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40818 Unauthenticated SQLi in _mb24confi_getDevice function function
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24configetDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-40818
An unauthenticated SQL Injection exists in the _mb24confi_getDevice function due to improper neutralization of special elements in a SQL SELECT command. This vulnerability allows remote attackers to access confidential data, as indicated by a HIGH impact on confidentiality. The CVE entries do not...
MB Connect Line mbCONNECT24和MB Connect Line mymbCONNECT24 SQL注入漏洞
MB Connect Line mbCONNECT24 and MB Connect Line mymb CONNECT24 are products of the German company MB Connect Line. MB Connect Line mbCONNECT24 is a remote service portal. This product supports features such as remote access, data recording, and alerts. MB Connect Line mymb CONNECT24 is an interna...
PT-2026-43555
An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24api getUserAccount function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality...
CVE-2026-7310
A heap-based buffer overflow vulnerability exists in XML parser functionality in the HiDraw. An authenticated malicious user with local access can exploit this vulnerability using a specially crafted XML file which may lead to memory corruption and potential arbitrary code execution. Successful...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
A division-by-zero error on some AMD processors may potentially return speculative data, resulting in a loss of confidentiality...