383 matches found
GHSA-7MP4-25J8-HP5Q Sylius has a Promotion Usage Limit Bypass via Race Condition
Impact A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects three independent limits: 1. Promotion usage limit - the global used counter on Promotion entities 2. Coupon usage limit - the global used...
CVE-2026-31824
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
CVE-2026-31824
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
CVE-2026-31824 Sylius has a Promotion Usage Limit Bypass via Race Condition
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
CVE-2026-31824 Sylius has a Promotion Usage Limit Bypass via Race Condition
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
CVE-2026-31824 Sylius has a Promotion Usage Limit Bypass via Race Condition
Sylius is an Open Source eCommerce Framework on Symfony. A Time-of-Check To Time-of-Use TOCTOU race condition was discovered in the promotion usage limit enforcement. The same class of vulnerability affects the promotion usage limit the global used counter on Promotion entities, coupon usage limi...
CVE-2026-31824
Sylius (Open Source eCommerce Framework on Symfony) disclosure describes a TOCTOU race in promotion usage limits. The vulnerability affects the global used counters on Promotion entities, PromotionCoupon entities, and per-customer coupon redemption counts. The root cause is reading in-memory coun...
PT-2026-24478
Name of the Vulnerable Software and Affected Versions Sylius versions 1.9.12, 1.10.16, 1.11.17, 1.12.23, 1.13.15, 1.14.18, 2.0.16, 2.1.12, and 2.2.3 and above Description Sylius, an Open Source eCommerce Framework on Symfony, contains a Time-of-Check To Time-of-Use TOCTOU race condition in the...
EUVD-2026-10354
Budibase is a low code platform for creating internal tools, workflows, and admin panels. This issue is a combination of Vertical Privilege Escalation and IDOR Insecure Direct Object Reference due to missing server-side RBAC checks in the /api/global/users endpoints. A Creator-level user, who...
CVE-2026-27012
OpenSTAManager is an open source management software for technical assistance and invoicing. In 2.9.8 and earlier, a privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling...
OpenSTAManager affected by unauthenticated privilege escalation via modules/utenti/actions.php
Summary A privilege escalation and authentication bypass vulnerability in OpenSTAManager allows any attacker to arbitrarily change a user's group idgruppo by directly calling modules/utenti/actions.php. This can promote an existing account e.g. agent into the Amministratori group as well as demot...
CVE-2025-11252
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection.This issue affects windesk.Fm: through 27022026. NOTE: The vendor was contacted early about this disclosure but did not...
CVE-2026-28219
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, an improper authorization check in the topic management logic allows authenticated users to modify privileged attributes of their topics. By manipulating specific parameters in a PUT or POST...
CVE-2025-11252
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: before v2.3.4. NOTE: The vendor patched the vulnerability after the CVE was published...
PT-2026-22336
Name of the Vulnerable Software and Affected Versions Signum Technology Promotion and Training Inc. Windesk.Fm versions through 27022026 Description An issue exists in Windesk.Fm that allows for SQL Injection. The issue is due to improper neutralization of special elements used in an SQL command...
GO-2026-4515 Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints in github.com/akuity/kargo
Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints in github.com/akuity/kargo...
CVE-2026-27111
Kargo manages and automates the promotion of software artifacts. From v1.9.0 to v1.9.2, Kargo's authorization model includes a promote verb -- a non-standard Kubernetes "dolphin verb" -- that gates the ability to advance Freight through a promotion pipeline. This verb exists to separate the abili...
CVE-2026-27111 Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints
Kargo manages and automates the promotion of software artifacts. From v1.9.0 to v1.9.2, Kargo's authorization model includes a promote verb -- a non-standard Kubernetes "dolphin verb" -- that gates the ability to advance Freight through a promotion pipeline. This verb exists to separate the abili...
CVE-2026-27111 Kargo has Missing Authorization Vulnerabilities in Approval & Promotion REST API Endpoints
Kargo manages and automates the promotion of software artifacts. From v1.9.0 to v1.9.2, Kargo's authorization model includes a promote verb -- a non-standard Kubernetes "dolphin verb" -- that gates the ability to advance Freight through a promotion pipeline. This verb exists to separate the abili...
CVE-2026-27111
The CVE-2026-27111 issue affects Kargo v1.9.0–v1.9.2, where the REST API endpoints (/v1beta1/projects/{project}/freight/{freight}/approve, /v1beta1/projects/{project}/stages/{stage}/promotions, and /v1beta1/projects/{project}/stages/{stage}/promotions/downstream) fail to enforce the non-standard ...