11 matches found
CVE-2026-55515
CVE-2026-55515 affects Snipe-IT prior to version 8.6.2. The unaccepted-assets report delete endpoint erroneously authorizes on a global ID: it allows a reports user in one company to delete pending CheckoutAcceptance records for another company by calling CheckoutAcceptance::pending()->find($a...
CVE-2026-54329
Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the Accessories API create path mass-assigns request parameters to the Accessory model while companyid is mass assignable, allowing a low-privileged authenticated user in one company to create accessory records under another compa...
CVE-2026-55472
Snipe-IT is an IT asset/license management system. Prior to 8.6.2, when Full Multiple Companies Support and scopelocationsfmcs are enabled, the API location creation endpoint detects an invalid parent-child company mismatch but does not return immediately, allowing creation of a child location...
CVE-2026-55472
Snipe-IT (IT asset/license management) prior to version 8.6.2 permits creating a child location under a parent from a different company when Full Multiple Companies Support and scope_locations_fmcs are enabled. The API location creation endpoint detects an invalid parent-child company mismatch bu...
CVE-2026-55516
CVE-2026-55516 affects Snipe-IT prior to 8.6.2. A PATCH/PUT to /api/v1/maintenances/{maintenance_id} first validates access to the maintenance and asset, then accepts attacker-controlled asset_id, allowing an authorized user to re-parent a maintenance record to an asset outside their company scop...
EUVD-2026-42982
Snipe-IT is an IT asset/license management system. Prior to 8.6.2, the Accessories API create path mass-assigns request parameters to the Accessory model while companyid is mass assignable, allowing a low-privileged authenticated user in one company to create accessory records under another compa...
PT-2026-51642
Name of the Vulnerable Software and Affected Versions Snipe-IT affected versions not specified Description An authorization bypass exists in the BulkAssetsController::update function. The system accepts the company id variable directly from user input without utilizing the standard company-scopin...
CVE-2026-27687
Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does not affect integrity and availability...
SAP S/4 HANA 安全漏洞
SAP S/4 HANA is an intelligent, integrated ERP software for large enterprises from SAP, a German company. A security vulnerability exists in SAP S/4 HANA Private Cloud that stems from a lack of authorization checks and could lead to cross-company code reading sensitive data and modifying document...
CVE-2021-44838
An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-details endpoint, with a POST request indicating the risk to access with the id parameter, it is possible for users to access risks of other companies...
A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response
Earlier this year, I reached out to Check Point researcher Eyal Itkin, who had published multiple flaws in several Remote Desktop Protocol RDP clients, including a vulnerability in mstsc.exe, the built-in RDP client application in Windows. While there were no active exploits detected in the wild,...