Lucene search
K

4 matches found

CVE
CVE
added 2026/06/22 9:4 p.m.8 views

CVE-2026-56311

Capgo (before 12.128.2) contains an authorization bypass in public.get_current_plan_max_org RPC that allows unauthenticated access to arbitrary organization plan limits. An attacker can call the RPC with any organization UUID using only the public Supabase key to disclose billing information (MAU...

6.9CVSS6AI score0.00265EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.21 views

PT-2026-46987

Name of the Vulnerable Software and Affected Versions Omni affected versions not specified Description A TOCTOU Time-of-Check to Time-of-Use race condition exists in the SAML.getSession function within internal/pkg/auth/interceptor/saml.go. The system checks the Used flag of a SAMLAssertion...

7CVSS5.8AI score0.00018EPSS
Exploits0References6
Snyk
Snyk
added 2024/01/09 6:28 p.m.2 views

Allocation of Resources Without Limits or Throttling

Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling by processing JSON Web Encryption JWE tokens with a high compression ratio. An attacker can cause excessive memory allocation and processing time during decompression, leading to a...

6.8CVSS6.5AI score0.02868EPSS
Exploits0References2
securityvulns
securityvulns
added 2001/02/10 12:0 a.m.37 views

Authentication By-Pass Vulnerability in OpenSSH-2.3.1 (devel snapshot)

Please, check http://www.openssh.com/security.html for a full summary of security related issues in OpenSSH. ---------------------------------------------------------------------------- OpenBSD Security Advisory February 8, 2001 Authentication By-Pass Vulnerability in OpenSSH-2.3.1...

0.6AI score
Exploits0
Rows per page
Query Builder