1799 matches found
Oracle Linux 8 : thunderbird (ELSA-2026-9345)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-9345 advisory. 140.9.1-1.0.1 - Fix prefs for new nss Orabug: 37079820 - Add Oracle prefs file 140.9.1 - Add OpenELA debranding 140.9.1-1 - Update to 140.9.1 ESR Tenab...
thunderbird security update
140.9.1-1.0.1 - Add Oracle prefs 140.9.1-1 - Update to 140.9.1 ESR...
Understanding Password Preferences, Memorability, and Security through a Human-Centered Lens
Passwords remain the primary authentication method, yet user-created passwords are often the weakest due to the security-usability trade-off. Although AI-based password generators are emerging, little is known about their effectiveness and user perceptions. This eye-tracking study examined how...
CVE-2026-40486
Kimai is an open-source time tracking application. In versions 2.52.0 and below, the User Preferences API endpoint PATCH /api/users/id/preferences applies submitted preference values without checking the isEnabled flag on preference objects. Although the hourlyrate and internalrate fields are...
CVE-2026-40486
Kimai is an open-source time tracking application. In versions 2.52.0 and below, the User Preferences API endpoint PATCH /api/users/id/preferences applies submitted preference values without checking the isEnabled flag on preference objects. Although the hourlyrate and internalrate fields are...
CVE-2026-40486 Kimai's User Preferences API allows standard users to modify restricted attributes: hourly_rate, internal_rate
Kimai is an open-source time tracking application. In versions 2.52.0 and below, the User Preferences API endpoint PATCH /api/users/id/preferences applies submitted preference values without checking the isEnabled flag on preference objects. Although the hourlyrate and internalrate fields are...
CVE-2026-40486 Kimai's User Preferences API allows standard users to modify restricted attributes: hourly_rate, internal_rate
Kimai is an open-source time tracking application. In versions 2.52.0 and below, the User Preferences API endpoint PATCH /api/users/id/preferences applies submitted preference values without checking the isEnabled flag on preference objects. Although the hourlyrate and internalrate fields are...
CVE-2026-40486
Kimai is an open-source time tracking application. In versions 2.52.0 and below, the User Preferences API endpoint PATCH /api/users/id/preferences applies submitted preference values without checking the isEnabled flag on preference objects. Although the hourlyrate and internalrate fields are...
CVE-2026-40486
Kimai CVE-2026-40486 affects the User Preferences API. In versions
kimai 安全漏洞
Kimai is a web-based, multi-user time tracking application developed by Kimai’s individual developer. Versions of Kimai 2.52.0 and earlier contained security vulnerabilities. These vulnerabilities stemmed from the lack of checks on the isEnabled flag in the user preference settings API endpoint,...
Oracle Linux 9 : thunderbird (ELSA-2026-8459)
The remote Oracle Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-8459 advisory. 140.9.1-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.9.1 - Add OpenELA debranding 140.9.1-1 - Update to 140.9.1 ESR Tenable ha...
thunderbird security update
140.9.1-1.0.1 - Fix prefs for new nss Orabug: 37079813 - Add Oracle prefs 140.9.1 - Add OpenELA debranding 140.9.1-1 - Update to 140.9.1 ESR...
GHSA-QH43-XRJM-4GGP Kimai's User Preferences API allows standard users to modify restricted attributes: hourly_rate, internal_rate
Summary A Mass Assignment / Broken Object Property Level Authorization BOPA vulnerability in the User Preferences API allows any authenticated user even those with the lowest privileges to arbitrarily modify restricted financial attributes on their profile, specifically their hourlyrate and...
Kimai's User Preferences API allows standard users to modify restricted attributes: hourly_rate, internal_rate
Summary A Mass Assignment / Broken Object Property Level Authorization BOPA vulnerability in the User Preferences API allows any authenticated user even those with the lowest privileges to arbitrarily modify restricted financial attributes on their profile, specifically their hourlyrate and...
PT-2026-33218
Summary A Mass Assignment / Broken Object Property Level Authorization BOPA vulnerability in the User Preferences API allows any authenticated user even those with the lowest privileges to arbitrarily modify restricted financial attributes on their profile, specifically their hourly rate and...
firefox security update
140.9.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.9.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.9.1-1 - Update to 140.9.1 ESR...
Oracle Linux 8 : firefox (ELSA-2026-8052)
The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-8052 advisory. 140.9.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079789 140.9.1 - Add debranding patches Mustafa Gezen - Add OpenELA default...
CVE-2019-25695
A flaw was found in R. This local buffer overflow vulnerability allows a local attacker to execute arbitrary code. By injecting malicious input into the GUI Preferences language field, an attacker can trigger the overflow, leading to the execution of arbitrary commands...
Oracle Linux 9 : firefox (ELSA-2026-7671)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-7671 advisory. 140.9.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red...
firefox security update
140.9.1-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding Red Hat file 140.9.1 - Add debranding patches Mustafa Gezen - Add OpenELA default preferences Louis Abel 140.9.1-1 - Update to 140.9.1 ESR...