Lucene search
K

4 matches found

CVE
CVE
added 2026/06/24 8:32 p.m.12 views

CVE-2026-52812

CVE-2026-52812 affects Gogs (open source self-hosted Git service) prior to 0.14.3. The vulnerability stems from a dedupe path in LFS storage: when an OID file already exists on disk, serveUpload bypasses hash verification and inserts a new per-repo binding (repo_id, oid) without confirming that t...

7.1CVSS5.9AI score0.00236EPSS
Exploits0References4
NVD
NVD
added 2026/06/20 4:17 p.m.13 views

CVE-2026-56319

Capgo before 12.128.2 contains an information disclosure vulnerability in the GET /statistics/app/:appid endpoint that allows app-limited API keys to distinguish existing sibling app IDs through differential error responses. Attackers can enumerate real app IDs outside their allowed scope by...

5.3CVSS0.00187EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 8:16 p.m.10 views

CVE-2026-50875

Incorrect access control in the /form/webhooks/webhook endpoint of Deck9 Input v2.0.1 allows authenticated attackers to arbitrarily modify or delete another tenant's webhook via a crafted request...

8.1CVSS0.00282EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2014/04/01 12:0 a.m.5 views

PT-2014-3453

Name of the Vulnerable Software and Affected Versions OpenStack Neutron versions 2012.2 through 2013.2.2 Description The issue allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command, due to the l3-agent not checking the...

2.1CVSS6.1AI score0.01433EPSS
Exploits0References20
Rows per page
Query Builder