Lucene search
K

88 matches found

CVE
CVE
added 4 days ago8 views

CVE-2026-14340

GitHub Enterprise Server (GitHub ES) suffers an incorrect authorization vulnerability (CVE-2026-14340) where a user-to-server token scoped to a GitHub App installation could perform write operations on public repositories outside the token’s scope. The root cause is an authorization check that on...

5.3CVSS5.8AI score0.00284EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.8 views

PT-2026-51628

Name of the Vulnerable Software and Affected Versions Gogs affected versions not specified Description Gogs contains an authorization bypass in its Git Smart HTTP handler for repository RPCs. The system determines the authorization policy based on the client-supplied service query parameter rathe...

7.1CVSS6AI score0.00427EPSS
Exploits0References9
NVD
NVD
added 2026/05/21 6:16 p.m.11 views

CVE-2026-48243

Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API key in wp1.php that is committed to the public source repository. Any actor with read access to the source tree can extract the key and use it to make third-party API calls billed to or rate-limited against the origin...

6.9CVSS0.00224EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 6:16 p.m.17 views

CVE-2026-48244

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google...

6.9CVSS0.00224EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 6:16 p.m.44 views

CVE-2026-48242

Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials host, username, password, database name in importmdb.php. The credentials are embedded in source code committed to the public repository, allowing any reader of the source to obtain valid configuration values...

9.2CVSS0.00297EPSS
Exploits0References3
NVD
NVD
added 2026/05/21 6:16 p.m.17 views

CVE-2026-48245

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google Cloud...

6.9CVSS0.00224EPSS
Exploits0References3
CVE
CVE
added 2026/05/21 5:11 p.m.17 views

CVE-2026-48245

Open ISES Tickets before 3.44.2 contain a hardcoded Google Maps API key in tables.php that was committed to a public repository. The key can be read by anyone with repository access and used to incur Google Maps Platform charges on the owner’s Google Cloud project. Public remediation is available...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/21 5:11 p.m.7 views

CVE-2026-48245

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google Cloud...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/21 5:11 p.m.12 views

CVE-2026-48245 Open ISES Tickets < 3.44.2 Hardcoded Google Maps API Key in tables.php

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google Cloud...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/21 5:11 p.m.42 views

CVE-2026-48245 Open ISES Tickets < 3.44.2 Hardcoded Google Maps API Key in tables.php

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google Cloud...

6.9CVSS0.00224EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 5:11 p.m.13 views

EUVD-2026-31328

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in tables.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google Cloud...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 5:11 p.m.14 views

EUVD-2026-31323

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/21 5:11 p.m.8 views

CVE-2026-48244

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/21 5:11 p.m.38 views

CVE-2026-48244 Open ISES Tickets < 3.44.2 Hardcoded Google Maps API Key in settings.inc.php

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google...

6.9CVSS0.00224EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/21 5:11 p.m.10 views

CVE-2026-48244 Open ISES Tickets < 3.44.2 Hardcoded Google Maps API Key in settings.inc.php

Open ISES Tickets before 3.44.2 embeds a hardcoded Google Maps API key in settings.inc.php that is committed to the public source repository. The key can be extracted by anyone with read access to the source and used to make Google Maps Platform requests billed against the original owner's Google...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References3
CVE
CVE
added 2026/05/21 5:11 p.m.21 views

CVE-2026-48244

Open ISES Tickets before 3.44.2 contains a hardcoded Google Maps API key in settings.inc.php committed to public source. The API key can be extracted by anyone with read access and used to make Google Maps Platform requests, resulting in billed usage against the original owner’s Google Cloud proj...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References3
CVE
CVE
added 2026/05/21 5:11 p.m.19 views

CVE-2026-48243

Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API key in wp1.php that is committed to the public source repository. Any actor with read access to the source tree can extract the key and use it to make third‑party API calls billed to or rate‑limited against the origin...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/05/21 5:11 p.m.9 views

CVE-2026-48243 Open ISES Tickets < 3.44.2 Hardcoded WhitePages API Key in wp1.php

Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API key in wp1.php that is committed to the public source repository. Any actor with read access to the source tree can extract the key and use it to make third-party API calls billed to or rate-limited against the origin...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/21 5:11 p.m.13 views

EUVD-2026-31325

Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API key in wp1.php that is committed to the public source repository. Any actor with read access to the source tree can extract the key and use it to make third-party API calls billed to or rate-limited against the origin...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/21 5:11 p.m.8 views

CVE-2026-48243

Open ISES Tickets before 3.44.2 embeds a hardcoded WhitePages reverse-phone API key in wp1.php that is committed to the public source repository. Any actor with read access to the source tree can extract the key and use it to make third-party API calls billed to or rate-limited against the origin...

6.9CVSS5.8AI score0.00224EPSS
Exploits0References4
Rows per page
Query Builder