Lucene search
+L

5 matches found

RedHat Linux
RedHat Linux
added 2026/05/04 2:31 p.m.10 views

aap-controller: aap-gateway: Account hijacking and unauthorized access via unverified email linking

A flaw was found in the AAP gateway. The user auto-link strategy, introduced in AAP 2.6, automatically links an external Identity Provider IDP identity to an existing AAP user account based on email matching without verifying email ownership. This allows a remote attacker to potentially hijack a...

8.3CVSS5.8AI score0.00397EPSS
Exploits0References4
CVE
CVE
added 2026/04/08 6:26 p.m.20 views

CVE-2026-35400

LORIS (Longitudinal Online Research and Imaging System) is affected from 20.0.0 up to but not including 27.0.3 and 28.0.1 by a publication module flaw that trusts the baseURL submitted via a user’s POST request instead of the internal LORIS value. This could allow an attacker with publication-mod...

4.3CVSS6AI score0.00201EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/02/03 12:0 a.m.11 views

PT-2023-19947 · Nextcloud +1 · Nextcloud Enterprise Server +2

Name of the Vulnerable Software and Affected Versions: Nextcloud Server versions prior to 25.0.1 Nextcloud Server versions prior to 24.0.8 Nextcloud Server versions prior to 23.0.12 Nextcloud Enterprise Server versions prior to 25.0.1 Nextcloud Enterprise Server versions prior to 24.0.8 Nextcloud...

8.8CVSS6.1AI score0.01373EPSS
Exploits3References25
CNVD
CNVD
added 2020/09/01 12:0 a.m.4 views

OX App Suite Access Control Bypass Vulnerability

Open-Xchange OX App Suite is a modular platform designed for telcos, hosting companies and vendors to provide a wide range of cloud-based services. An access control bypass vulnerability exists in OX App Suite 7.10.3 and earlier versions. The vulnerability stems from an incorrect permission check...

4.3CVSS6.8AI score0.00623EPSS
Exploits1References1
Opera Security Advisories
Opera Security Advisories
added 2007/10/16 12:0 a.m.11 views

External news readers and e-mail clients can be used to execute arbitrary code – Opera Security Advisories

External news readers and e-mail clients can be used to execute arbitrary code – Opera Security Advisories OPCOM Team | October 16, 2007 External news readers and e-mail clients can be used to execute arbitrary code. Severity: Highly Severe Affected Versions All versions of Opera for Desktop prio...

6.2AI score
Exploits0References1
Rows per page
Query Builder