Lucene search
K

16 matches found

OSV
OSV
added last week5 views

CVE-2026-50007 Actual: Shared users can perform owner-only file management actions

Actual is an open-source personal finance application. Prior to 26.7.0, a missing authorization issue allows a shared user with useraccess on a budget file to perform owner-only file management actions. A non-owner shared user can call file-management endpoints intended for higher-privilege users...

7.2CVSS5.9AI score0.00246EPSS
Exploits0References7
CVE
CVE
added last week10 views

CVE-2026-50007

The CVE affects the open-source personal finance app “Actual.” Before version 26.7.0, a missing authorization flaw allows a non-owner shared user (with user_access on a budget file) to perform file-management actions that should be owner- or admin-only. Specifically, endpoints such as /delete-use...

7.2CVSS5.9AI score0.00246EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/07 2:51 p.m.20 views

CVE-2026-35488 Tandoor Recipes — CustomIsShared permits DELETE/PUT on RecipeBook by shared (read-only) users

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Prior to 2.6.4, RecipeBookViewSet and RecipeBookEntryViewSet use CustomIsShared as an alternative permission class, but CustomIsShared.hasobjectpermission returns True for all HTTP methods —...

8.1CVSS0.00378EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/01/09 11:14 a.m.5 views

CVE-2016-10801

cPanel before 58.0.4 has improper session handling for shared users SEC-139...

8.8CVSS6.9AI score0.0114EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-1837

Malware in sbrugna...

8.1CVSS8.2AI score0.01444EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-5619

Malware in sbrugna...

4.3CVSS4.8AI score0.00633EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 4:29 a.m.11 views

CVE-2019-14413

cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...

4.3CVSS7AI score0.00633EPSS
Exploits0References1
The Hacker News
The Hacker News
added 2020/02/19 2:23 p.m.5 views

Ring Makes 2-Factor Authentication Mandatory Following Recent Hacks

Smart doorbells and cameras bring a great sense of security to your home, especially when you're away, but even a thought that someone could be spying on you through the same surveillance system would shiver up your spine. Following several recent reports of hackers gaining access to people's...

5.9AI score
Exploits0
OSV
OSV
added 2019/08/07 1:15 p.m.3 views

CVE-2016-10801

cPanel before 58.0.4 has improper session handling for shared users SEC-139...

8.8CVSS5.8AI score0.0114EPSS
Exploits0References1
NVD
NVD
added 2019/08/07 1:15 p.m.18 views

CVE-2016-10801

cPanel before 58.0.4 has improper session handling for shared users SEC-139...

8.8CVSS8.8AI score0.0114EPSS
Exploits0References1
OSV
OSV
added 2019/08/01 4:15 p.m.5 views

CVE-2016-10843

cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API SEC-76...

8.1CVSS6.1AI score0.01444EPSS
Exploits0References1
Prion
Prion
added 2019/08/01 4:15 p.m.15 views

Code injection

cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API SEC-76...

5.5CVSS7.7AI score0.01444EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2019/07/30 3:15 p.m.26 views

CVE-2019-14413

cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...

4.3CVSS4.7AI score0.00633EPSS
Exploits0References1
OSV
OSV
added 2019/07/30 3:15 p.m.3 views

CVE-2019-14413

cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...

4.3CVSS5.8AI score0.00633EPSS
Exploits0References1
CVE
CVE
added 2019/07/30 2:19 p.m.47 views

CVE-2019-14413

CVE-2019-14413 affects cPanel prior to 78.0.2, where an input validation/permissions issue allows certain file-write operations as a shared user during connection resets (SEC-476). Documented by multiple sources (NVD, Red Hat, CNVD, CVE lists) confirms the vulnerability in the cPanel web-based pl...

4.3CVSS4.7AI score0.00633EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/07/30 2:19 p.m.28 views

CVE-2019-14413

cPanel before 78.0.2 allows certain file-write operations as shared users during connection resets SEC-476...

4.7AI score0.00633EPSS
Exploits0References1
Rows per page
Query Builder