Lucene search
K

20 matches found

NVD
NVD
added 2026/04/08 7:25 p.m.7 views

CVE-2026-34722

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, the used endpoint for ticket creation was missing authorization if the related parameter for adding links is used. This vulnerability is fixed in 7.0.1 and 6.5.4...

6.9CVSS0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 6:14 p.m.20 views

CVE-2026-34723 Zammad has incorrect access control in getting_started_controller

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1 and 6.5.4, unauthenticated remote attackers were able to access the getting started endpoint to get access to sensitive internal entity data, even after the system setup was completed. This vulnerability is fixed i...

8.7CVSS0.00443EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/08 6:0 p.m.17 views

CVE-2026-34248 Zammad has an information disclosure in ticket detail view of customers in shared organizations

Zammad is a web based open source helpdesk/customer support system. Prior to 7.0.1, customers in shared organizations means they can see each other's tickets could see fields which are not intended for customers - including fields not intended for them at all e.g. priority, custom ticket attribut...

2.1CVSS0.00193EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/20 12:0 a.m.8 views

Oracle Health Sciences Applications security vulnerabilities

Oracle Health Sciences Applications is a clinical research and development solution developed by Oracle Corporation for the healthcare industry in the United States. The version 7.0.1.0 of Oracle Life Sciences Central Coding in Oracle Health Sciences Applications contains a security vulnerability...

6.5CVSS7.1AI score0.00187EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/23 3:13 p.m.5 views

CVE-2025-62006

Missing Authorization vulnerability in VeronaLabs WP SMS wp-sms.This issue affects WP SMS: from n/a through = 7.0.1...

5.4CVSS7AI score0.00254EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/22 3:31 p.m.4 views

EUVD-2025-35395

Missing Authorization vulnerability in VeronaLabs WP SMS wp-sms.This issue affects WP SMS: from n/a through = 7.0.1...

6.5AI score0.00254EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/22 2:32 p.m.10 views

CVE-2025-62006 WordPress WP SMS plugin <= 7.0.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in VeronaLabs WP SMS wp-sms.This issue affects WP SMS: from n/a through = 7.0.1...

5.4CVSS0.00254EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/10/16 1:28 p.m.6 views

WordPress WP SMS plugin <= 7.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Denver Jackson in WordPress Plugin WP SMS versions = 7.0.1...

5.4CVSS7AI score0.00254EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2024/11/15 12:0 a.m.4 views

OpenEMR 跨站脚本漏洞

OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing, and medical billing requests. A cross-site scripting vulnerability exists in OpenEMR version 7.0.1. The...

8.1CVSS7.7AI score0.00372EPSS
Exploits1References2
CNNVD
CNNVD
added 2024/08/06 12:0 a.m.4 views

FFmpeg 安全漏洞

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A buffer overflow vulnerability exists in FFmpeg version 7.0.1 and earlier versions, which originates from the pnmdecodeframe function in library/libavcodec/pnmdec.c that fails to correctly...

8.8CVSS8AI score0.01084EPSS
Exploits0References8
CNNVD
CNNVD
added 2024/04/09 12:0 a.m.4 views

WordPress Plugin WordPress Infinite Scroll 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.9CVSS8.2AI score0.00833EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2023/05/28 4:15 a.m.2 views

CVE-2023-2949

Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr prior to 7.0.1...

8.3CVSS6.8AI score0.01472EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2023/05/27 10:15 p.m.3 views

CVE-2023-2943

Code Injection in GitHub repository openemr/openemr prior to 7.0.1...

8.8CVSS6.3AI score0.0062EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/05/27 12:0 a.m.5 views

PT-2023-5359 · Openemr · Openemr

Name of the Vulnerable Software and Affected Versions: OpenEMR versions prior to 7.0.1 Description: The issue is related to improper access control in the OpenEMR software, which can be exploited by a remote attacker to view, modify, and delete protected information. Recommendations: For versions...

6.3CVSS6AI score0.00447EPSS
Exploits1References7
CNNVD
CNNVD
added 2023/05/12 12:0 a.m.4 views

OpenEMR 访问控制错误漏洞

OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. An Access Control Error vulnerability exists in OpenEMR versions prior to 7.0.1,...

8.8CVSS6.7AI score0.0061EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2022/08/26 12:15 a.m.5 views

CVE-2022-30984

A buffer overflow vulnerability in the Rubrik Backup Service RBS Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent...

7.8CVSS7.3AI score0.00209EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/05/11 12:0 a.m.7 views

Siemens Mendix 安全漏洞

Siemens Mendix is a low-code application development platform from Siemens. The platform provides application development, testing, deployment, and iteration. A security vulnerability exists in Siemens Mendix. The vulnerability stems from the system's use of XML file upload table mappings that...

4.3CVSS5.2AI score0.00721EPSS
Exploits0References5
OSV
OSV
added 2020/08/10 1:15 p.m.3 views

CVE-2020-4541

IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183039...

6.1CVSS5.4AI score
Exploits0References2
CNVD
CNVD
added 2020/02/27 12:0 a.m.3 views

IBM Security Identity Manager Trust Management Issues Vulnerability

IBM Security Identity Manager ISIM is a suite of identity management and governance solutions from IBM in the United States. The solution automates the creation, modification, re-authentication and termination of user privileges throughout the user lifecycle and supports policy-based password...

9.8CVSS6.8AI score0.0128EPSS
Exploits0References1
OSV
OSV
added 2018/07/13 5:29 p.m.5 views

CVE-2018-1255

RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or JavaScript code to a...

6.1CVSS5.8AI score0.01304EPSS
Exploits0References2
Rows per page
Query Builder