82 matches found
MINI-CG65-79G6-M98P
Bulletin has no description...
CVE-2026-44776 Kavita: IDOR in /api/Download/*
Kavita is a cross platform reading server. Prior to 0.9.0, the download, size-check, and chapter metadata endpoints do not enforce library-level authorization. A low-privileged user who knows or guesses a chapterId, volumeId, or seriesId belonging to a library they are not assigned to can downloa...
CVE-2026-42883
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in the URL path, but fetches downloadable items solely by attacker-provided IDs without constraining...
CVE-2026-42883
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in the URL path, but fetches downloadable items solely by attacker-provided IDs without constraining...
CVE-2026-42884 Audiobookshelf: Collection endpoints bypass library access controls exposing restricted library data
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/collections and GET /api/collections/:id endpoints return collections from all libraries without checking whether the requesting user has access to each collection's library. An authenticated user with...
EUVD-2026-29207
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/collections and GET /api/collections/:id endpoints return collections from all libraries without checking whether the requesting user has access to each collection's library. An authenticated user with...
CVE-2026-42884 Audiobookshelf: Collection endpoints bypass library access controls exposing restricted library data
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/collections and GET /api/collections/:id endpoints return collections from all libraries without checking whether the requesting user has access to each collection's library. An authenticated user with...
CVE-2026-42884
Summary: Audiobookshelf (self-hosted server) prior to version 2.32.2 exposes collection data across libraries. The GET /api/collections and GET /api/collections/:id endpoints do not verify the requester’s library access, enabling an authenticated user with access to any library to enumerate and r...
CVE-2026-42883
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in the URL path, but fetches downloadable items solely by attacker-provided IDs without constraining...
CVE-2026-42883 Audiobookshelf: Cross-library file exfiltration via unscoped bulk download endpoint
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in the URL path, but fetches downloadable items solely by attacker-provided IDs without constraining...
CVE-2026-42883
Summary of CVE-2026-42883 (Audiobookshelf) Affected product: Audiobookshelf (self-hosted audiobook/podcast server) prior to version 2.32.2. Vulnerability: The GET /api/libraries/:id/download endpoint validates that the requester has access to the library in the URL path, but it fetches downloadab...
EUVD-2026-29206
Audiobookshelf is a self-hosted audiobook and podcast server. Prior to 2.32.2, the GET /api/libraries/:id/download endpoint validates that the requesting user has access to the library specified in the URL path, but fetches downloadable items solely by attacker-provided IDs without constraining...
MINI-M4XR-9QHC-39G7
Bulletin has no description...
Audiobookshelf 安全漏洞
Audiobookshelf is an open-source, self-hosted server for audio books and podcasts. Versions of Audiobookshelf prior to 2.32.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of checks on user access permissions to libraries, allowing authenticated users to enumerat...
UBUNTU-CVE-2026-44029
An issue was discovered in Nix before 2.34.7. Writing to arbitrary files can occur via "nix-prefetch-url --unpack" or "nix store prefetch-file --unpack" directory traversal. The fixed versions are 2.34.7, 2.33.6, 2.32.8, 2.31.5, 2.30.5, 2.29.4, and 2.28.7 introduced in 2.24.7;...
UBUNTU-CVE-2026-41525
KDE Dolphin before 25.12.3 allows applications in a Flatpak or with AppArmor confinement to open folders outside of the application sandbox without additional scrutiny. Dolphin's implementation of the FileManager1 protocol allows the path given to be any type of file, including scripts or...
CVE-2026-41457
OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL expressions by supplying malicious values through the query= and filter= parameters for integer-mapped DAAP fields. Attackers can exploit...
CVE-2026-41457 OwnTone Server < 29.1 SQL Injection via query and filter Parameters
OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL expressions by supplying malicious values through the query= and filter= parameters for integer-mapped DAAP fields. Attackers can exploit...
PT-2026-34239
OwnTone Server versions 28.4 through 29.0 contain a SQL injection vulnerability in DAAP query and filter handling that allows attackers to inject arbitrary SQL expressions by supplying malicious values through the query= and filter= parameters for integer-mapped DAAP fields. Attackers can exploit...
[SECURITY] Fedora 42 Update: apt-3.1.15-2.fc42
This package provides commandline tools for searching and managing as well as querying information about packages as a low-level access to all features of the libapt-pkg library. These include: apt-get for retrieval of packages and information about them from authenticated sources and for...