Lucene search
K

137 matches found

EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42005

Broken object-level access controls and the use of a deterministic pattern during random ID generation in MicroRealEstate allows attackers to access documents uploaded by landlords or tenants without authorization. This issue affects MicroRealEstate: through 1.0.0-alpha3...

7.1CVSS6AI score0.00215EPSS
Exploits0References2
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-57869

Broken object-level access controls and the use of a deterministic pattern during random ID generation in MicroRealEstate allows attackers to access documents uploaded by landlords or tenants without authorization. This issue affects MicroRealEstate: through 1.0.0-alpha3...

7.1CVSS0.00215EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-57869

Broken object-level access controls and the use of a deterministic pattern during random ID generation in MicroRealEstate allows attackers to access documents uploaded by landlords or tenants without authorization. This issue affects MicroRealEstate: through 1.0.0-alpha3...

7.1CVSS6AI score0.00215EPSS
Exploits0References3
NVD
NVD
added 2026/06/28 12:17 p.m.9 views

CVE-2026-13490

A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...

6.3CVSS0.00309EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:20 p.m.12 views

CVE-2026-41649

Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both collectionId and documentId are provided in the request, the authorization logic only checks...

7.7CVSS5.5AI score0.00293EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:16 p.m.10 views

CVE-2026-42889

Relay adds real-time collaboration to Obsidian. Relay Server versions 0.9.0 through 0.9.6 contain an authentication bypass in the multi-document WebSocket endpoints. When authentication is configured, WebSocket connections without a token query parameter were incorrectly treated as having full...

9.1CVSS5.5AI score0.00366EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/14 3:31 p.m.9 views

CVE-2026-42593

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, pdfengines/merge, pdfengines/split, libreoffice/convert, chromium/convert/url, chromium/convert/html, and chromium/convert/markdown accept stampSource=pdf + stampExpression=/path and watermarkSource=pdf +...

5.3CVSS5.8AI score0.00311EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/12 7:30 p.m.12 views

CVE-2026-42889 Relay Server WebSocket authentication bypass when token is omitted

Relay adds real-time collaboration to Obsidian. Relay Server versions 0.9.0 through 0.9.6 contain an authentication bypass in the multi-document WebSocket endpoints. When authentication is configured, WebSocket connections without a token query parameter were incorrectly treated as having full...

9.1CVSS5.8AI score0.00366EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/28 8:11 p.m.3 views

CVE-2026-41649

Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both collectionId and documentId are provided in the request, the authorization logic only checks...

7.7CVSS5.3AI score0.00293EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/04/28 8:11 p.m.12 views

EUVD-2026-26144

Outline is a service that allows for collaborative documentation. The shares.create API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both collectionId and documentId are provided in the request, the authorization logic only checks...

7.7CVSS5.3AI score0.00293EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.8 views

PT-2026-35821

Name of the Vulnerable Software and Affected Versions Outline versions 0.86.0 through 1.6.9 Description An insecure direct object reference exists in the 'shares.create' API endpoint. When both collectionId and documentId are provided in a request, the authorization logic verifies access to the...

7.7CVSS5.8AI score0.00293EPSS
Exploits1References7
CVE
CVE
added 2026/04/08 6:23 p.m.11 views

CVE-2026-35165

CVE-2026-35165 affects LORIS (Longitudinal Online Research and Imaging System). From 21.0.0 up to just before 27.0.3 and 28.0.1, the document_repository frontend enforced access controls while the backend endpoint failed to verify permissions, allowing a user to potentially download a file they s...

6.5CVSS5.9AI score0.00165EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/03/31 8:31 p.m.6 views

EUVD-2026-17622

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently igno...

7.5CVSS5.7AI score0.00575EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/31 8:31 p.m.28 views

CVE-2026-34381 Admidio: Unauthenticated Access to Role-Restricted documents via neutralized .htaccess

Admidio is an open-source user management solution. From version 5.0.0 to before version 5.0.8, Admidio relies on admmyfiles/.htaccess to deny direct HTTP access to uploaded documents. The Docker image ships with AllowOverride None in the Apache configuration, which causes Apache to silently igno...

7.5CVSS0.00575EPSS
Exploits1References2
EUVD
EUVD
added 2026/03/31 8:27 p.m.21 views

EUVD-2026-17636

PdfDing is a selfhosted PDF manager, viewer and editor offering a seamless user experience on multiple devices. Prior to version 1.7.1, checksharedaccessallowed validates only session existence — it does not check SharedPdf.inactive expiration / max views or SharedPdf.deleted. The Serve and...

6.5CVSS5.8AI score0.00295EPSS
Exploits1References3
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.39 views

Improved Leakage Abuse Attacks in Searchable Symmetric Encryption with EBPF Monitoring

Searchable Symmetric Encryption SSE allows users to search over encrypted data stored on untrusted servers, like cloud providers. While SSE hides the content of queries and documents, it still leaks patterns, such as how often a query is made. These leakages have been shown to enable leakage abus...

5.8AI score
Exploits0
NVD
NVD
added 2026/02/25 7:43 p.m.11 views

CVE-2026-25929

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the document controller’s patientpicture context serves the patient’s photo by document ID or patient ID without verifying that the current user is authorized to access...

6.5CVSS0.0026EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/25 6:46 p.m.5 views

CVE-2026-25929 OpenEMR Patient Picture Context Allows Arbitrary Patient Photo Retrieval

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the document controller’s patientpicture context serves the patient’s photo by document ID or patient ID without verifying that the current user is authorized to access...

6.5CVSS5.5AI score0.0026EPSS
Exploits1References2
CVE
CVE
added 2026/02/25 6:43 p.m.15 views

CVE-2026-25927

OpenEMR before 8.0.0 exposes a DICOM viewer state API (upload/state save-load) that accepts a document ID (doc_id) without verifying ownership of the patient/encounter. An authenticated user can read or modify DICOM viewer state (e.g., annotations, view settings) by enumerating document IDs, lead...

7.1CVSS5.5AI score0.00204EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/25 6:22 p.m.4 views

CVE-2026-25164

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, the REST API route table in apis/routes/restroutesstandard.inc.php does not call RestConfig::requestauthorizationcheck for the document and insurance routes. Other...

8.1CVSS5.8AI score0.0026EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder